From: Victor Julien Date: Thu, 29 Mar 2018 08:15:34 +0000 (+0200) Subject: doc: improve suricata-update docs now that its bundled X-Git-Tag: suricata-4.1.0-rc1~169 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b531e7725da188f15d7abe4b345b5232e70dbf4c;p=thirdparty%2Fsuricata.git doc: improve suricata-update docs now that its bundled --- diff --git a/doc/userguide/rule-management/oinkmaster.rst b/doc/userguide/rule-management/oinkmaster.rst index 3903673848..c8cb56bd94 100644 --- a/doc/userguide/rule-management/oinkmaster.rst +++ b/doc/userguide/rule-management/oinkmaster.rst @@ -1,6 +1,8 @@ Rule Management with Oinkmaster =============================== +.. note:: ``suricata-update`` is the official and recommended way to + update and manage rules and rulesets. See :doc:`suricata-update` It is possible to download and install rules manually, but there is a much easier and quicker way to do so. There are special programs which diff --git a/doc/userguide/rule-management/suricata-update.rst b/doc/userguide/rule-management/suricata-update.rst index 13e055a684..397e628804 100644 --- a/doc/userguide/rule-management/suricata-update.rst +++ b/doc/userguide/rule-management/suricata-update.rst 
@@ -1,20 +1,16 @@ Rule Management with Suricata-Update ==================================== -.. note:: ``suricata-update`` is in active development and is not yet - considered 'production quality'. Proceed with care. - While it is possible to download and install rules manually, it is recommended to use a management tool for this. Suricata-Update is the official way to update and manage rules for Suricata. +Suricata-update is bundled with Suricata and is normally installed +with it. For instructions on installing manually, see http://suricata-update.readthedocs.io/en/latest/quickstart.html#install-suricata-update -To install suricata-update - -:: - - sudo apt install python-pip python-yaml - sudo pip install --pre --upgrade suricata-update +.. note:: ``suricata-update`` is bundled with Suricata version 4.1 and + later. It can be used with older versions as well. It will + have to be installed separately in that case. To download the Emerging Threats Open ruleset, it is enough to simply run: @@ -69,6 +65,9 @@ This will give a result similar to .. image:: suricata-update/suricata-update.png +Each of the rulesets has a name that has a 'vendor' prefix, followed by a +set name. For example, OISF's traffic id ruleset is called 'oisf/trafficid'. + To enable 'oisf/trafficid', enter: ::
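Review bot: In the doc/userguide/rule-management/oinkmaster.rst hunk, the added note ends at "See :doc:`suricata-update`" with no closing period, and the unchanged paragraph directly below it still presents the Oinkmaster route as the "much easier and quicker way", which reads oddly right after a note recommending a different tool. Suggest ending the note with a period and adding a short clause that says why the Oinkmaster instructions are still on the page.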
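Review bot: In the first doc/userguide/rule-management/suricata-update.rst hunk (@@ -1,20 +1,16 @@), the manual-install link is given as http://suricata-update.readthedocs.io/...; this link replaces the removed apt/pip commands, so readers on older versions will now take their install commands from that page, and it should be linked as https://. The added paragraph and the added note also both state that the tool is bundled with Suricata; consider merging them so the 4.1 version requirement appears once, and settle on one spelling between "Suricata-Update" and "Suricata-update" in the running text.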
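Review bot: In the @@ -69,6 +65,9 @@ hunk, the added sentence describes a ruleset name as a 'vendor' prefix "followed by a set name" but never says the two parts are joined by a slash, so the reader has to infer the format from 'oisf/trafficid'. Suggest stating the form explicitly (vendor, a slash, then the set name) and using double-backtick literal markup for the ruleset name, as the patch already does for ``suricata-update``, both here and in the "To enable" line that follows.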