Hi..
On this page (https://forum.opnsense.org/index.php?topic=7853.msg36325#msg36325) a new feature was announced: "intrusion detection: provide custom.yaml for user edits"
Has anybody used this feature? How does it work? What's the syntax?
Thanks for any help.
It lets you edit the file via CLI or scripting. The syntax is normal Suricata style, so you should know what you are doing when you edit stuff in there.
Quote from: mimugmail on July 27, 2018, 09:06:35 AM
It lets you edit the file via CLI or scripting. The syntax is normal Suricata style, so you should know what you are doing when you edit stuff in there.
Thanks.
So if, for example, I have this entry in suricata.yaml:
detect-engine:
- profile: medium
I would put this in custom.yaml to overwrite the value?
detect-engine:
- profile: high