doc: document dataset-lookup

author Eric Leblond <eric@regit.org>

Mon, 18 Jan 2021 22:41:55 +0000 (23:41 +0100)

committer Victor Julien <vjulien@oisf.net>

Thu, 27 Oct 2022 07:44:20 +0000 (09:44 +0200)
author Eric Leblond <eric@regit.org>
Mon, 18 Jan 2021 22:41:55 +0000 (23:41 +0100)
committer Victor Julien <vjulien@oisf.net>
Thu, 27 Oct 2022 07:44:20 +0000 (09:44 +0200)
diff --git a/doc/userguide/rules/datasets.rst b/doc/userguide/rules/datasets.rst

index 232b59c6984715fabb72c494d701e40dd00e049a..6065e1a2bd907454d478b83b7e4727bd4c9e4f83 100644 (file)
--- a/doc/userguide/rules/datasets.rst
+++ b/doc/userguide/rules/datasets.rst
@@ -184,6 +184,26 @@ set name
  type
    Data type: string, md5, sha256
  
+dataset-lookup
+~~~~~~~~~~~~~~
+
+Unix Socket command to test if data is in a set. 
+
+Syntax::
+
+    dataset-lookup <set name> <set type> <data>
+
+set name
+  Name of an already defined dataset
+type
+  Data type: string, md5, sha256
+data
+  Data to test in serialized form (base64 for string, hex notation for md5/sha256)
+
+Example testing if 'google.com' is in the set 'myset'::
+
+    dataset-lookup myset string Z29vZ2xlLmNvbQ==
+
  dataset-dump
  ~~~~~~~~~~~~
author	Eric Leblond <eric@regit.org>
	Mon, 18 Jan 2021 22:41:55 +0000 (23:41 +0100)
committer	Victor Julien <vjulien@oisf.net>
	Thu, 27 Oct 2022 07:44:20 +0000 (09:44 +0200)