Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Distribute Suricata rule configuration to additional FWs
« previous
next »
Print
Pages: [
1
]
Author
Topic: Distribute Suricata rule configuration to additional FWs (Read 1426 times)
techadmin
Newbie
Posts: 2
Karma: 0
Distribute Suricata rule configuration to additional FWs
«
on:
June 28, 2023, 11:35:48 am »
We are using OPNsense + Suricata at several sites and would like to transfer the Suricata rule settings made at the main site to all other sites automatically (e.g. via SSH).
(specifically the configuration "Services" -> "Intrusion Detection" -> "Policy" -> "Rule adjustments" in the web interface).
In /usr/local/etc/suricata/rules.config you will find exactly this information, but it is not sufficient to simply transfer this file to the other FWs via SSH. In the web interface (above path) the configuration from the inserted rules.config is not displayed even after a Suricata service restart.
Is it still necessary to read in the rules.config manually via a Suricata command?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Distribute Suricata rule configuration to additional FWs