Help for Security Onion LOCAL RULES #14368
-
|
I can't edit this file but in this guide it's possible to do it, so I don't understand because I followed the same steps but I'm not able to edit this file. Node that I'm using: Import. Any solution? Here my capture:
Here the guide capture:
|
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
I'm not sure what guide you're using, but it appears to be based on an older version of Security Onion. In the current version of Security Onion, you can add local rules via Detections as shown in the documentation: |
Beta Was this translation helpful? Give feedback.
-
|
Thanks a lot, very helpful. |
Beta Was this translation helpful? Give feedback.
I'm not sure what guide you're using, but it appears to be based on an older version of Security Onion.
In the current version of Security Onion, you can add local rules via Detections as shown in the documentation:
https://docs.securityonion.net/en/2.4/nids.html#adding-new-nids-rules
https://docs.securityonion.net/en/2.4/detections.html