Hello everyone, i”m new.
I”m trying to write and learn suricata rules but everytime i testing rule i need using suricata-update and suricatasc reload-rules. it”s not comfortable. So i need a solution to testing rule fast
I figure out just doing like this: 7.2. Adding Your Own Rules — Suricata 6.0.0 documentation and comment the line have suricata.rules
for testing you can also pass a rule file to Suricata directly with the -s <file> or -S <file> commandline options.
1 Like