Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Suricata not updating Snort Subscriber Rules

    IDS/IPS
    2
    3
    109
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jpetovello last edited by jpetovello

      For some reason Suricata isn't downloading the Snort Subscriber Rules list.

      Anyone else experiencing this as well?

      (https://gyazo.com/07a166b2a3f52b94d3bb207f0f2c5083)

      1 Reply Last reply Reply Quote 0
      • bmeeks
        bmeeks last edited by bmeeks

        What version of the Snort Subscriber Rules are you trying to download? Suricata, unlike Snort, cannot automatically determine the "current" version of Snort rules. It will only try to download the exact tarball filename you specify on the GLOBAL SETTINGS tab. The Snort team periodically deprecates older rules versions, so if you have one of those older rules tarball filenames entered on GLOBAL SETTINGS your download will fail because the file has been removed by the Snort team.

        So either post up what you have entered for Snort rules filename on the GLOBAL SETTINGS tab, or go visit https://www.snort.org and see if the filename you have configured is still actually available for download.

        You may also want to review this Sticky Post for tips on using Snort Subscriber Rules with Suricata.

        J 1 Reply Last reply Reply Quote 1
        • J
          jpetovello @bmeeks last edited by

          @bmeeks

          Thank you for the response. I didn't have the proper tarball file name set, but after doing so everything is working great.

          Also the sticky you provided was a good read.

          Thanks

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy