Hello everyone!
I am trying to enable an additional ruleset using suricata-update as described in the documentation. For instance, following the official guide to enable the OISF TrafficID ruleset, I am running the following commands:
I don’t believe this is the reason, since I am running all commands as root.
However, I found a workaround (leaving it here in case someone else runs into the same issue):
sources:
  # Emerging Threats Open with the Suricata version dynamically replaced.
  - https://rules.emergingthreats.net/open/suricata-%(__version__)s/emerging.rules.tar.gz
  # The SSL blacklist, which is just a standalone rule file.
  - https://sslbl.abuse.ch/blacklist/sslblacklist.rules