Rule grammar specification

mmxmb · August 30, 2021, 2:25pm

Is Suricata rule grammar specified somewhere? EBNF or PEG notation would be ideal. I can’t find anything in the official documentation.

jufajardini · September 3, 2021, 2:23pm

Hey there!

Welcome to our forum ^^

As far as we can tell, there isn’t such a specification. I have added a ticket in issue tracker, in case anyone from the community is willing and able to contribute with that Documentation #4662: Add documentation section covering Suricata rule grammar - Suricata - Open Information Security Foundation

Topic		Replies	Views
Developing rules for beginners Developers	4	525	August 22, 2020
Running Suricata default in Windows Rules	3	608	May 24, 2023
Instruction to write rules on Suricata Help	7	1782	February 12, 2021
[Free Workshop] Hands on with Suricata Language Server - Eric Leblond Rules suricata	0	408	March 9, 2022
Question about OR, AND Operator Logical Rules	2	336	June 7, 2023