Feature Request: Suricata version override for rulecat?
valorcz opened this issue · 3 comments
valorcz commented
I am merging Suricata ET rules on a server where Suricata daemon is not present, but I know which version of it runs on the boxes. However, rulecat doesn't use '-enhanced' ruleset in such a case, it goes with '-1.3' only.
Would it be possible to add an option with Suricata version override? Or just an option instructing rulecat to download and use the enhanced ruleset?
jasonish commented
For now you could specify the URL with the --url parameter, that will override the default URL used which does take the Suricata version into account.
valorcz commented
Great point, thanks!