suricata-check
https://github.com/koen1999/suricata-check
Python
suricata-check is a command-line utility that provides feedback on Suricata rules. The tool can detect various issues, including those concerning syntax validity, interpretability, rule specificity, rule coverage, and efficiency.
- Issues
  - [NEW RULE ISSUE] Add additional SID Allocations to `SidChecker.py`
  - [NEW RULE ISSUE] Rules should set `classtype`
  - [NEW RULE ISSUE] Check for usage of `flowbits` `set` in conjunction with `threshold`
  - [FEATURE] Display number of suppressed issues in the log
  - [FEATURE] Allow `suricata-check` to suppress certain issues when other issues are raised
  - [FEATURE] Implement a type of multiprocessing for processing rulesets