From 2b5592cfa6bdf8f00ecf7528bea669e0e233b9d7 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Mon, 9 Jul 2018 21:50:44 +0200 Subject: [PATCH] fix: [suricata] allow multiple Suricata rules in the object (similar context) and fix the rule to be in Snort format Fix #106 --- objects/suricata/definition.json | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/objects/suricata/definition.json b/objects/suricata/definition.json index ddbe458..dce6dea 100644 --- a/objects/suricata/definition.json +++ b/objects/suricata/definition.json @@ -4,14 +4,15 @@ ], "attributes": { "comment": { - "description": "A description of the Suricata rule.", + "description": "A description of the Suricata rule(s).", "ui-priority": 0, "misp-attribute": "comment" }, "suricata": { "description": "Suricata rule.", "ui-priority": 0, - "misp-attribute": "suricata" + "misp-attribute": "snort", + "multiple": true }, "version": { "description": "Version of the Suricata rule depending where the suricata rule is known to work as expected.", @@ -24,8 +25,8 @@ "ui-priority": 0 } }, - "version": 1, - "description": "An object describing a Suricata rule along with its version and context", + "version": 2, + "description": "An object describing one or more Suricata rule(s) along with version and contextual information.", "meta-category": "network", "uuid": "3c177337-fb80-405a-a6c1-1b2ddea8684a", "name": "suricata"