aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

doc/userguide: notes about Lua rules being disabled by default

Browse Source
pull/9032/head
Jason Ish 2 years ago committed by Victor Julien
parent f119b29701
commit 4a97461f9a
2 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File

14
doc/userguide/configuration/suricata-yaml.rst
Unescape Escape View File

@ -2735,3 +2735,17 @@ you probably want to set `run-as` configuration parameter so as to drop root pri
Beyond suricata.yaml, other ways to harden Suricata are Beyond suricata.yaml, other ways to harden Suricata are
- compilation : enabling ASLR and other exploit mitigation techniques. - compilation : enabling ASLR and other exploit mitigation techniques.
- environment : running Suricata on a device that has no direct access to Internet. - environment : running Suricata on a device that has no direct access to Internet.
Lua
~~~
Suricata 7.0 disables Lua rules by default. Lua rules can be enabled
in the ``security.lua`` section of the configuration file:
::
security:
lua:
# Allow Lua rules. Disabled by default.
#allow-rules: false

4
doc/userguide/rules/lua-detection.rst
Unescape Escape View File

@ -3,6 +3,10 @@
Lua Scripting for Detection Lua Scripting for Detection
=========================== ===========================
.. note:: Lua is disabled by default for use in rules, it must be
enabled in the configuration file. See the ``security.lua``
section of ``suricata.yaml`` and enable ``allow-rules``.
Syntax: Syntax:
:: ::

Write Preview
Loading…
Cancel
Save