doc: add missing rule to engine-analysis section

author Juliana Fajardini <jufajardini@oisf.net>

Wed, 7 Jun 2023 19:13:24 +0000 (16:13 -0300)

committer Victor Julien <vjulien@oisf.net>

Thu, 8 Jun 2023 17:32:57 +0000 (19:32 +0200)
author Juliana Fajardini <jufajardini@oisf.net>
Wed, 7 Jun 2023 19:13:24 +0000 (16:13 -0300)
committer Victor Julien <vjulien@oisf.net>
Thu, 8 Jun 2023 17:32:57 +0000 (19:32 +0200)
diff --git a/doc/userguide/configuration/suricata-yaml.rst b/doc/userguide/configuration/suricata-yaml.rst

index e66b35cda87d226276090bb4bc5b3d079d1142ea..c63f5c878d7fa53b154f0f0633d45c4729b9f864 100644 (file)
--- a/doc/userguide/configuration/suricata-yaml.rst
+++ b/doc/userguide/configuration/suricata-yaml.rst
@@ -2474,6 +2474,8 @@ Example:
    [10703] 26/11/2010 -- 11:41:15 - (detect.c:560) <Info> (SigLoadSignatures)
    -- Engine-Analysis for fast_pattern printed to file - /var/log/suricata/rules_fast_pattern.txt
  
+  alert tcp any any -> any any (content:"Volume Serial Number"; sid:1292;)
+
    == Sid: 1292 ==
    Fast pattern matcher: content
    Fast pattern set: no
author	Juliana Fajardini <jufajardini@oisf.net>
	Wed, 7 Jun 2023 19:13:24 +0000 (16:13 -0300)
committer	Victor Julien <vjulien@oisf.net>
	Thu, 8 Jun 2023 17:32:57 +0000 (19:32 +0200)