doc: improve suricata-update docs now that it's bundled

pull/3321/head
Victor Julien 7 years ago
parent ac1ed24cb4
commit b531e7725d

@ -1,6 +1,8 @@
Rule Management with Oinkmaster
===============================
.. note:: ``suricata-update`` is the official and recommended way to
update and manage rules and rulesets. See :doc:`suricata-update`
It is possible to download and install rules manually, but there is a
much easier and quicker way to do so. There are special programs which
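Review bot: The note sentence "See :doc:`suricata-update`" at the top of the Oinkmaster page ends without a period. The paragraph right below it still opens with "there is a much easier and quicker way to do so", which now reads as a recommendation for Oinkmaster directly after the note naming ``suricata-update`` as the official and recommended tool. Suggest ending the note sentence with a period and rewording the intro paragraph so it does not pull against the note.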

@ -1,20 +1,16 @@
Rule Management with Suricata-Update
====================================
.. note:: ``suricata-update`` is in active development and is not yet
considered 'production quality'. Proceed with care.
While it is possible to download and install rules manually, it is
recommended to use a management tool for this. Suricata-Update is the
official way to update and manage rules for Suricata.
Suricata-update is bundled with Suricata and is normally installed
with it. For instructions on installing manually, see http://suricata-update.readthedocs.io/en/latest/quickstart.html#install-suricata-update
To install suricata-update
::
sudo apt install python-pip python-yaml
sudo pip install --pre --upgrade suricata-update
.. note:: ``suricata-update`` is bundled with Suricata version 4.1 and
later. It can be used with older versions as well. It will
have to be installed separately in that case.
To download the Emerging Threats Open ruleset, it is enough to simply run:
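Review bot: The manual-install link in "For instructions on installing manually, see http://suricata-update.readthedocs.io/en/latest/quickstart.html#install-suricata-update" uses plain http. Point it at the https URL so readers looking up install instructions are not sent over an unauthenticated connection, and consider a named RST link instead of a bare URL in running text. The tool name also appears as "Suricata-Update", "Suricata-update" and ``suricata-update`` within this hunk; pick one form for prose and keep the inline literal for the command itself.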
@ -69,6 +65,9 @@ This will give a result similar to
.. image:: suricata-update/suricata-update.png
Each of the rulesets has a name that has a 'vendor' prefix, followed by a
set name. For example, OISF's traffic id ruleset is called 'oisf/trafficid'.
To enable 'oisf/trafficid', enter:
::
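Review bot: The ruleset name in this paragraph is written with single quotes ('oisf/trafficid'), while the page marks literal input such as ``suricata-update`` as an inline literal. Use ``oisf/trafficid`` so the name renders in monospace and is copied exactly as it has to be typed in the command that follows "enter:".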
