This repository was archived by the owner on Apr 16, 2021. It is now read-only.

rule-update: have server use barnyard2 to update Snorby reference table #551

@GoogleCodeExporter
rule-update:

source /etc/nsm/securityonion.conf
# Only run when the Snorby database exists and Snorby is enabled
if [ -d /var/lib/mysql/snorby ] && [ "$SNORBY_ENABLED" = "yes" ]; then
  # Seed the map/config files from the templates if they are missing
  if [ ! -f /etc/nsm/rules/gen-msg.map ]; then cp /etc/nsm/templates/snort/gen-msg.map /etc/nsm/rules/; fi
  if [ ! -f /etc/nsm/rules/classification.config ]; then
    grep -h -v "^#" /etc/nsm/templates/snort/classification.config /etc/nsm/templates/suricata/classification.config | sort -u > /etc/nsm/rules/classification.config
  fi
  if [ ! -f /etc/nsm/rules/reference.config ]; then
    grep -h -v "^#" /etc/nsm/templates/snort/reference.config /etc/nsm/templates/suricata/reference.config | sort -u > /etc/nsm/rules/reference.config
  fi
  # Clear the Snorby reference tables, then have barnyard2 repopulate them
  mysql snorby -e "delete from sig_reference; delete from reference;"
  barnyard2 -c /etc/nsm/barnyard2-snorby/barnyard2.conf
fi

Original issue reported on code.google.com by doug.bu...@gmail.com on 6 Jun 2014 at 6:41
