rules.py
Ruleset configuration objects for Suricata
To import...
from dynamite_nsm.services.base.config_objects.suricata import rules as suricata_config_rules
Rule
__init__(self, name, enabled=False)
special
Represents a Suricata ruleset that can be enabled or disabled.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
| name | str | The name of the ruleset | required |
| enabled | Optional[bool] | Whether the ruleset is enabled | False |
Source code in dynamite_nsm/services/base/config_objects/suricata/rules.py
def __init__(self, name: str, enabled: Optional[bool] = False):
    """Build a Rule for a single Suricata ruleset, identified by name.

    The ruleset's file content is looked up via get_contents() and passed to
    the parent initializer together with the name and the enabled flag.

    Args:
        name: The name of the ruleset
        enabled: Whether the ruleset is enabled
    """
    self.value = None
    # get_contents() builds its path from self.name, so assign it before the call.
    self.name = name
    rule_content = self.get_contents()
    super().__init__(name, enabled, content=rule_content)
get_contents(self)
Get the content of the Suricata rule file.
Returns:
| Type | Description |
|---|---|
| | The contents of the Suricata rule file (at most the first 5120 characters), or None if the file does not exist |
Source code in dynamite_nsm/services/base/config_objects/suricata/rules.py
def get_contents(self):
    """Read the start of this ruleset's file from the Suricata rules directory.

    The rules directory is ``<SURICATA_CONFIG>/rules``; SURICATA_CONFIG is taken
    from the environment file dict and falls back to ``const.CONFIG_PATH``.

    Returns:
        At most the first 5120 characters of the file, or None when no file
        named ``self.name`` exists in the rules directory.
    """
    config_root = utilities.get_environment_file_dict().get('SURICATA_CONFIG', const.CONFIG_PATH)
    # NOTE(review): self.name is interpolated into the path without validation, so a
    # name containing ".." segments resolves outside the rules directory. If names can
    # reach this class from an API or another untrusted caller, resolve the path and
    # check it stays under the rules root before opening - confirm against callers.
    rule_path = f"{config_root}/rules/{self.name}"
    if not os.path.exists(rule_path):
        return None
    with open(rule_path) as rule_file:
        # Text-mode read(5120) caps the result, so larger rule files come back truncated.
        return rule_file.read(5120)
Rules
__init__(self, rules=None)
special
A collection of Suricata rulesets
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
| rules | Optional[List[dynamite_nsm.services.base.config_objects.suricata.rules.Rule]] | A list of Rule objects | None |
Source code in dynamite_nsm/services/base/config_objects/suricata/rules.py
def __init__(self, rules: Optional[List[Rule]] = None):
    """Create a collection of Suricata rulesets.

    Args:
        rules: A list of Rule objects; forwarded unchanged to the parent initializer
    """
    super().__init__(rules)
    # Alias, not a copy: `rules` refers to the same object as `analyzers`
    # (presumably populated by the parent initializer - confirm in the base class).
    self.rules = self.analyzers