OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 18.1 Legacy Series »
  • custom.yaml
« previous next »
  • Print
Pages: [1]

Author Topic: custom.yaml  (Read 1001 times)

JohnnyBeee

  • Newbie
  • *
  • Posts: 38
  • Karma: 0
    • View Profile
custom.yaml
« on: July 27, 2018, 08:25:45 am »
Hi..

On this page (https://forum.opnsense.org/index.php?topic=7853.msg36325#msg36325) a new feature was announced: "intrusion detection: provide custom.yaml for user edits"

Has anybody used this feature? How does it work? What's the syntax?

Thanks for any help.
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 4610
  • Karma: 317
    • View Profile
Re: custom.yaml
« Reply #1 on: July 27, 2018, 09:06:35 am »
It lets you edit the file via CLI or scripting, the syntax is normal Suricata style, so you should know what you do when you edit stuff in there.
Logged
IRC: mimugmail
Twitter: mimu_muc
WWW: www.routerperformance.net

JohnnyBeee

  • Newbie
  • *
  • Posts: 38
  • Karma: 0
    • View Profile
Re: custom.yaml
« Reply #2 on: July 27, 2018, 09:37:55 am »
Quote from: mimugmail on July 27, 2018, 09:06:35 am
It lets you edit the file via CLI or scripting, the syntax is normal Suricata style, so you should know what you do when you edit stuff in there.

Thanks.

So if for example I have this entry in suricata.yuml

detect-engine:
  - profile: medium

I would put this in custom.yuml to overwrite the value?

detect-engine:
  - profile: high
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 18.1 Legacy Series »
  • custom.yaml
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2020 All rights reserved
  • SMF 2.0.17 | SMF © 2019, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2