SURICATA-UPDATE(1) | User Commands | SURICATA-UPDATE(1) |
NAME
suricata-update - tool to update Suricata sources
DESCRIPTION
usage: suricata-update update [-h] [-v] [-q] [-D <directory>] [-c <filename>]
                              [--suricata-conf <filename>] [--suricata <path>]
                              [--suricata-version <version>]
                              [--user-agent <user-agent>]
                              [--no-check-certificate] [-V] [-o <directory>]
                              [-f] [--yaml-fragment <filename>] [--url <url>]
                              [--local <path>] [--sid-msg-map <filename>]
                              [--sid-msg-map-2 <filename>]
                              [--disable-conf <filename>]
                              [--enable-conf <filename>]
                              [--modify-conf <filename>]
                              [--drop-conf <filename>] [--ignore <pattern>]
                              [--no-ignore] [--threshold-in <filename>]
                              [--threshold-out <filename>]
                              [--dump-sample-configs] [--etopen]
                              [--reload-command <command>] [--no-reload]
                              [-T <command>] [--no-test] [--no-merge]
optional arguments:
-h, --help
    show this help message and exit
-v, --verbose
    Be more verbose
-q, --quiet
    Be quiet, warning and error messages only
-D <directory>, --data-dir <directory>
    Data directory (default: /var/lib/suricata)
-c <filename>, --config <filename>
    configuration file (default: /etc/suricata/update.yaml)
--suricata-conf <filename>
    configuration file (default: /etc/suricata/suricata.yaml)
--suricata <path>
    Path to Suricata program
--suricata-version <version>
    Override Suricata version
--user-agent <user-agent>
    Set custom user-agent string
--no-check-certificate
    Disable server SSL/TLS certificate verification
-V, --version
    Display version
-o <directory>, --output <directory>
    Directory to write rules to
-f, --force
    Force operations that might otherwise be skipped
--yaml-fragment <filename>
    Output YAML fragment for rule inclusion
--url <url>
    URL to use instead of auto-generating one (can be specified multiple times)
--local <path>
    Local rule files or directories (can be specified multiple times)
--sid-msg-map <filename>
    Generate a sid-msg.map file
--sid-msg-map-2 <filename>
    Generate a v2 sid-msg.map file
--disable-conf <filename>
    Filename of rule disable filters
--enable-conf <filename>
    Filename of rule enable filters
--modify-conf <filename>
    Filename of rule modification filters
--drop-conf <filename>
    Filename of drop rules filters
--ignore <pattern>
    Filenames to ignore (can be specified multiple times; default: *deleted.rules)
--no-ignore
    Disables the ignore option.
--threshold-in <filename>
    Filename of rule thresholding configuration
--threshold-out <filename>
    Output of processed threshold configuration
--dump-sample-configs
    Dump sample config files to current directory
--etopen
    Use ET-Open rules (default)
--reload-command <command>
    Command to run after update if modified
--no-reload
    Disable reload
-T <command>, --test-command <command>
    Command to test Suricata configuration
--no-test
    Disable testing rules with Suricata
--no-merge
    Do not merge the rules into a single file
other commands:
update-sources
    Update the source index
list-sources
    List available sources
enable-source
    Enable a source from the index
disable-source
    Disable an enabled source
remove-source
    Remove an enabled or disabled source
list-enabled-sources
    List all enabled sources
add-source
    Add a new source by URL
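Three settings from the option list above weaken the integrity of the rule update path: --no-check-certificate, --no-test, and a --url that points at plain HTTP. The shell functions below are an added example, not part of suricata-update or of this manual page, that lint command lines (for instance from cron jobs) for those settings; the sample lines and the example.com URL are constructed.

```shell
# Added example: lint suricata-update command lines for risky options.

# Print one finding per risky option in the command line "$1".
# Splitting is on whitespace only, so quoted arguments are not reassembled.
# The body runs in a subshell so that "set -f" does not leak to the caller.
audit_cmdline() (
    prev=""
    set -f                  # keep patterns such as *deleted.rules literal
    for arg in $1; do       # intentional word splitting
        case "$arg" in
            --no-check-certificate)
                echo "TLS certificate verification disabled ($arg)" ;;
            --no-test)
                echo "rules not tested with Suricata before use ($arg)" ;;
            --url=http://*)
                echo "rules fetched over plain HTTP (${arg#--url=})" ;;
            http://*)
                if [ "$prev" = "--url" ]; then
                    echo "rules fetched over plain HTTP ($arg)"
                fi ;;
        esac
        prev=$arg
    done
)

# Constructed sample input: one suricata-update invocation per line.
sample_lines() {
cat <<'EOF'
suricata-update update --no-check-certificate --url http://rules.example.com/local.rules
suricata-update update -q --etopen
suricata-update update --no-test --ignore *deleted.rules
EOF
}

# Audit every line on stdin; prefix each finding with its input line number.
audit_stream() {
    n=0
    while IFS= read -r line; do
        n=$((n + 1))
        audit_cmdline "$line" | sed "s/^/line $n: /"
    done
}

# Number of findings for a single command line.
count_findings() { audit_cmdline "$1" | wc -l | tr -d ' '; }

sample_lines | audit_stream
```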
May 2019 | suricata-update version 1.0.5 |