jasonish/py-idstools

Feature Request: Suricata version override for rulecat?

valorcz opened this issue · 3 comments

I am merging Suricata ET rules on a server where the Suricata daemon is not present, but I know which version of it runs on the boxes. However, rulecat doesn't use the '-enhanced' ruleset in such a case; it goes with '-1.3' only.

Would it be possible to add an option for a Suricata version override? Or just an option instructing rulecat to download and use the enhanced ruleset?

For now you could specify the URL with the --url parameter; that will override the default URL used, which does take the Suricata version into account.

Great point, thanks!

There is now a "--suricata-version " command line argument to idstools-rulecat.

Commit:
02db0c6

Included in idstools v0.5.6.