Feature #1542

open

dump-config - extend into multi-detect supplied yaml configuration

Added by Peter Manev over 9 years ago. Updated about 2 years ago.

Status: Assigned
Priority: Low

Description

It will be useful if "--dump-config" can extend and look into the supplied multi-detect yaml config parameters (homenet/ports/ref/classification...). Currently it only shows the file "multi-detect.tenants.0.yaml" (example below):

multi-detect = (null)
multi-detect.enabled = yes
multi-detect.selector = vlan
multi-detect.loaders = 1
multi-detect.tenants = (null)
multi-detect.tenants.0 = tenant
multi-detect.tenants.0.tenant = 
multi-detect.tenants.0.id = 1
multi-detect.tenants.0.yaml = /etc/suricata/tenant-1111.yaml
multi-detect.mappings = (null)
multi-detect.mappings.0 = vlan
multi-detect.mappings.0.vlan = 
multi-detect.mappings.0.vlan-id = 1155
multi-detect.mappings.0.tenant-id = 1

I guess equally desirable would be to be able to override multi-detect supplied yaml config parameters on the command line as well (example):
--set "multi-detect.tenants.0.yaml.vars.address-groups.HOME_NET = [10.10.10.0/24]"
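
Until the dump descends into tenant files, the output quoted above can still be used to list which tenant YAML files need separate review and to cross-check the VLAN mappings against the defined tenants. The following is an added example, not part of the original issue or of Suricata's code; the function names `parse_multi_detect` and `audit_tenants` are hypothetical, and it assumes the `key = value` line format shown in the description.

```python
import re
from collections import defaultdict
# Sample input: the --dump-config lines quoted in the issue description.
SAMPLE_DUMP = """\
multi-detect = (null)
multi-detect.enabled = yes
multi-detect.selector = vlan
multi-detect.loaders = 1
multi-detect.tenants = (null)
multi-detect.tenants.0 = tenant
multi-detect.tenants.0.tenant = 
multi-detect.tenants.0.id = 1
multi-detect.tenants.0.yaml = /etc/suricata/tenant-1111.yaml
multi-detect.mappings = (null)
multi-detect.mappings.0 = vlan
multi-detect.mappings.0.vlan = 
multi-detect.mappings.0.vlan-id = 1155
multi-detect.mappings.0.tenant-id = 1
"""

LINE_RE = re.compile(r"^multi-detect\.(tenants|mappings)\.(\d+)\.([\w-]+) = ?(.*)$")

def parse_multi_detect(dump_text):
    """Group 'multi-detect.<section>.<index>.<key> = <value>' lines by section and index."""
    sections = {"tenants": defaultdict(dict), "mappings": defaultdict(dict)}
    for line in dump_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # container lines such as 'multi-detect.tenants.0 = tenant' do not match
            section, index, key, value = m.groups()
            sections[section][int(index)][key] = value.strip()
    return sections

def audit_tenants(dump_text):
    """Return ({tenant id: yaml path + mapped VLAN ids}, [inconsistencies])."""
    parsed = parse_multi_detect(dump_text)
    tenants = {e["id"]: {"yaml": e.get("yaml"), "vlans": []}
               for e in parsed["tenants"].values() if "id" in e}
    problems = []
    for idx, e in sorted(parsed["mappings"].items()):
        tid, vlan = e.get("tenant-id"), e.get("vlan-id")
        if tid in tenants:
            tenants[tid]["vlans"].append(vlan)
        else:
            problems.append(f"mapping {idx}: vlan-id {vlan} -> undefined tenant-id {tid}")
    problems += [f"tenant {t}: no mapping selects it"
                 for t, info in tenants.items() if not info["vlans"]]
    return tenants, problems

if __name__ == "__main__":
    print(audit_tenants(SAMPLE_DUMP))
```

Each `yaml` path it returns is a file whose address groups, ports, reference and classification settings are not visible in the dump and have to be inspected on their own.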
