From 1345c6d1cb5a9ac825f4bafc0e2a26d5e4a98e1e Mon Sep 17 00:00:00 2001 From: Shivani Bhardwaj Date: Wed, 14 Aug 2024 12:03:28 +0530 Subject: [PATCH] doc/file-extraction: fix highlight syntax --- doc/userguide/file-extraction/file-extraction.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/userguide/file-extraction/file-extraction.rst b/doc/userguide/file-extraction/file-extraction.rst index b642ed3d2b..482fd18df7 100644 --- a/doc/userguide/file-extraction/file-extraction.rst +++ b/doc/userguide/file-extraction/file-extraction.rst @@ -153,6 +153,7 @@ Or only store files from black list checksum sha1 ? Or finally store files from black list checksum sha256 ? :: + alert http any any -> any any (msg:"Black list checksum match and extract SHA256"; filesha256:fileextraction-chksum.list; filestore; sid:6; rev:1;) Bundled with the Suricata download, is a file with more example rules. In the archive, go to the `rules` directory and check the ``files.rules`` file.