"
@gctwnl
Did you check the log? I tried to add Threatfox but found that it didn't complete either.
The log shows:
So it would appear there is a missing ";" on the line.
I need to recheck the rule file.
Did you check the log? I tried to add Threatfox but found that it didn't complete either.
The log shows:
Code Select
Error suricata [100110] <Error> -- [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert dns $HOME_NET any -> $EXTERNAL_NET any (msg:"ThreatFox payload delivery (domain - confidence level: 50%)"; dns_query; content:"slotgamings.com"; depth:15; fast_pattern; isdataat:!1,relative; nocase; reference:url, threatfox.abuse.ch/ioc/1047040/; target:src_ip; metadata: confidence_level 50, first_seen 2022_12_14; classtype:trojan-activity; sid:9104704" from file /usr/local/etc/suricata/opnsense.rules/abuse.ch.threatfox.rules at line 70885
Error suricata [100110] <Error> -- [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - no terminating ";" found
So it would appear there is a missing ";" on the line.
I need to recheck the rule file.
