installed Analyst VM, but not seeing directories.... #10547
Replies: 2 comments 1 reply
-
|
|
Beta Was this translation helpful? Give feedback.
1 reply
-
|
You should be using a Standalone install of the VM instead of an Analyst VM if you're wanting to create custom NIDS rules. |
Beta Was this translation helpful? Give feedback.
-
|
Thank you!
I will install the standalone and try it out!
… On Jun 8, 2023, at 4:50 PM, Robbie Marshall ***@***.***> wrote:
You should be using a Standalone install of the VM instead of an Analyst VM if you're wanting to create custom NIDS rules.
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you authored the thread.
|
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hello,
I recently created an Analyst VM using securityonion-2.3.230-20230417.iso
I'm trying to create some NIDS local rules as mentioned here:
https://docs.securityonion.net/en/2.3/local-rules.html
When I try changing directories to:
cd /opt/so/saltstack/local/salt/idstools/
It says that directory doesn't exist....
I'm only able to change directory to:
cd /opt/so/saltstack/local/
Once I'm in /opt/so/saltstack/local/ there's nothing in that directory, it's blank.
I also noticed "sudo so-status" doesn't work either, and other "sudo so-" commands don't work? Not sure what's going on.
Am I doing something wrong? I just want to add some custom Suricata rules...
please help!
Beta Was this translation helpful? Give feedback.
All reactions