Comments (5)
I think it is a good idea to be able to enable all rules present in a rulefile. The end user however needs to be aware there could potentially be unwanted consequences - aka duplicates, perf hit, FPs etc.
from scirius.
I don't think enabling commented rules is a good idea. There will be too much noise. My idea is to:
- parse them
- add them to categories
- add them to disabled rules
This way we get exactly what rules writer wanted to do.
from scirius.
Great idea! This would work great and be very true to what actually really happens... Those rules are disabled!
from scirius.
A few thoughts:
- maybe this is the case already but do you display disable rules by categories you can drill down? I think there are quite a few rules that are commented so you wouldn't just want to list individual rules as a flat list.
- I noticed some disabled rules have double # in front. So parsing only the rules with one # would not be enough
On the last point, this is why I didn't notice the rules were disabled with the original issue (windows download). There were so many lines starting with one # that I thought it was something like #include in C and that you had to have double # for disabling a rule (nothing to do with C)
from scirius.
Implemented in 1.1.2.
from scirius.
Related Issues (20)
- No Capture stats, Memory usage and problem indicators statisctics using the new scirius version HOT 8
- Error add public source HOT 7
- KeyError on Hunt whith latest django-webpack-loader (v1.0.0)
- First start issue HOT 5
- Python 2.7???? HOT 5
- does scirius fetch dashboard from kibana? HOT 1
- Scirius CE v3.7.0 GUI problem in safari 15 HOT 2
- docker: Get cyberchef pre-installed in the docker image HOT 2
- Failed to minify the code from this file: ./node_modules/patternfly-react/dist/esm/common/helpers.js:14 HOT 1
- Logging with python requests library error: Forbidden(403) CSRF verification failed HOT 1
- USE_KIBANA/ELASTICSEARCH=0 ignored, still tries to connect HOT 2
- Set python_requires and clarify Python support
- Number of rules on the source page never increments during updates in Scirius
- How to show more than 20 last rules activity in scirius?
- Batch activate commented rules
- Unable to Build Docker Image
- Fails on sources updating HOT 3
- Suricata won't restart after build & push ruleset HOT 3
- Install issues
- Error reading webpack-stats.prod.json
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from scirius.