Saturday, June 7, 2014

Suricata - Counting enabled rules in the rules directory



One liner:
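# Print, for each rule file, the number of lines that start with "alert".
# Commented-out rules ("#alert ...") are not counted, and neither are rules
# written with another action (drop, reject, pass).
# The pattern is quoted so the shell always passes it to grep literally
# ("^" is special in some shells, e.g. zsh with extended globbing).
grep -c '^alert' /etc/suricata/rules/*.rules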

root@LTS-64-1:~/Downloads/oisf# grep -c ^alert /etc/suricata/rules/*.rules
/etc/suricata/rules/botcc.portgrouped.rules:69
/etc/suricata/rules/botcc.rules:108
/etc/suricata/rules/ciarmy.rules:34
/etc/suricata/rules/compromised.rules:44
/etc/suricata/rules/decoder-events.rules:83
/etc/suricata/rules/dns-events.rules:8
/etc/suricata/rules/drop.rules:26
/etc/suricata/rules/dshield.rules:1
/etc/suricata/rules/emerging-activex.rules:218
/etc/suricata/rules/emerging-attack_response.rules:52
/etc/suricata/rules/emerging-chat.rules:80
/etc/suricata/rules/emerging-current_events.rules:1736
/etc/suricata/rules/emerging-deleted.rules:0
/etc/suricata/rules/emerging-dns.rules:56
/etc/suricata/rules/emerging-dos.rules:37
/etc/suricata/rules/emerging-exploit.rules:218
/etc/suricata/rules/emerging-ftp.rules:60
/etc/suricata/rules/emerging-games.rules:73
/etc/suricata/rules/emerging-icmp_info.rules:14
/etc/suricata/rules/emerging-icmp.rules:0
/etc/suricata/rules/emerging-imap.rules:17
/etc/suricata/rules/emerging-inappropriate.rules:1
/etc/suricata/rules/emerging-info.rules:232
/etc/suricata/rules/emerging-malware.rules:909
/etc/suricata/rules/emerging-misc.rules:26
/etc/suricata/rules/emerging-mobile_malware.rules:98
/etc/suricata/rules/emerging-netbios.rules:421
/etc/suricata/rules/emerging-p2p.rules:117
/etc/suricata/rules/emerging-policy.rules:307
/etc/suricata/rules/emerging-pop3.rules:9
/etc/suricata/rules/emerging-rpc.rules:83
/etc/suricata/rules/emerging-scada.rules:14
/etc/suricata/rules/emerging-scan.rules:196
/etc/suricata/rules/emerging-shellcode.rules:71
/etc/suricata/rules/emerging-smtp.rules:12
/etc/suricata/rules/emerging-snmp.rules:24
/etc/suricata/rules/emerging-sql.rules:191
/etc/suricata/rules/emerging-telnet.rules:5
/etc/suricata/rules/emerging-tftp.rules:13
/etc/suricata/rules/emerging-trojan.rules:2305
/etc/suricata/rules/emerging-user_agents.rules:61
/etc/suricata/rules/emerging-voip.rules:17
/etc/suricata/rules/emerging-web_client.rules:164
/etc/suricata/rules/emerging-web_server.rules:418
/etc/suricata/rules/emerging-web_specific_apps.rules:5406
/etc/suricata/rules/emerging-worm.rules:14
/etc/suricata/rules/files.rules:0
/etc/suricata/rules/http-events.rules:19
/etc/suricata/rules/rbn-malvertisers.rules:0
/etc/suricata/rules/rbn.rules:0
/etc/suricata/rules/smtp-events.rules:6
/etc/suricata/rules/stream-events.rules:45
/etc/suricata/rules/tls-events.rules:10
/etc/suricata/rules/tor.rules:590
root@LTS-64-1:~/Downloads/oisf#



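Total rules enabled (uncommented alert rules summed over every rule file in the directory; Suricata itself loads only the files listed under rule-files in suricata.yaml and logs how many rules it loaded at startup, so the two numbers can differ):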
root@LTS-64-1:~/Downloads/oisf# grep ^alert /etc/suricata/rules/*.rules |  wc -l
14718
root@LTS-64-1:~/Downloads/oisf#
