rules

scripts/services/wazuh/suricata/suricata_init.sh

@@ -55,6 +55,16 @@ fi
 # sudo chown root:root /etc/rsyslog.d/20-suricata.conf
 # sudo systemctl restart rsyslog
 
+# rules
+pushd .
+cd /tmp
+wget https://rules.emergingthreats.net/open/suricata-4.0/emerging.rules.tar.gz
+tar zxvf emerging.rules.tar.gz
+sudo -E rm /etc/suricata/rules/* -f
+sudo -E mv rules/*.rules /etc/suricata/rules/
+popd
+
+# suricata yaml
 sudo -E rm -f /etc/suricata/suricata.yaml
 sudo -E wget -O /etc/suricata/suricata.yaml http://www.branchnetconsulting.com/wazuh/suricata.yaml