Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.
Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).
Recently published on the Suricata Wiki, some example of rules for detecting anomalies.
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Protocol_Anomalies_Detection
F.