Skip to content
This repository has been archived by the owner on Apr 16, 2021. It is now read-only.
weslambert edited this page Oct 2, 2017 · 8 revisions

Configuration

Rulesets are chosen during setup and are specified in /etc/nsm/pulledpork/pulledpork.conf.
If you change the the configuration in pulledpork.conf, then you will need to run rule-update (if in a server/sensor deployment, run rule-update on the master first, then the sensor, or wait for it to be replicated).

Security Onion offers the following choices for rulesets to be used by Snort/Suricata:

Clone this wiki locally