Feature #1542: dump-config - extend into multi-detect supplied yaml configuration - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #1542

open

dump-config - extend into multi-detect supplied yaml configuration

Added by Peter Manev about 9 years ago. Updated about 2 years ago.

Status:

Assigned

Priority:

Low

Assignee:

Jason Ish

Target version:

8.0.0-beta1

Effort:

Difficulty:

Label:

Description

It will be useful if "--dump-config" can extend and look into the supplied multi-detect yaml config parameters(homenet/ports/ref/classification...) . Currently it only shows the file "multi-detect.tenants.0.yaml" (example below)

multi-detect = (null)
multi-detect.enabled = yes
multi-detect.selector = vlan
multi-detect.loaders = 1
multi-detect.tenants = (null)
multi-detect.tenants.0 = tenant
multi-detect.tenants.0.tenant = 
multi-detect.tenants.0.id = 1
multi-detect.tenants.0.yaml = /etc/suricata/tenant-1111.yaml
multi-detect.mappings = (null)
multi-detect.mappings.0 = vlan
multi-detect.mappings.0.vlan = 
multi-detect.mappings.0.vlan-id = 1155
multi-detect.mappings.0.tenant-id = 1

I guess equally desirable would be to be able to override multi-detect supplied yaml config parameters on the command line as well (example):
--set "multi-detect.tenants.0.yaml.vars.address-groups.HOME_NET = [10.10.10.0/24]"

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #1542

dump-config - extend into multi-detect supplied yaml configuration

Updated by Jason Ish about 9 years ago

Updated by Andreas Herz almost 9 years ago

Updated by Victor Julien about 5 years ago

Updated by Jason Ish over 4 years ago

Updated by Victor Julien over 4 years ago

Updated by Victor Julien about 2 years ago

Updated by Victor Julien about 2 years ago