actions_ids.conf 1.68 KB
; Action list.classtypes: runs listClasstypes.py.
; parameters is empty, so no caller-supplied text is placed on the command line.
; type:script_output presumably hands the script's output back to the caller,
; and message looks like the text logged for the request - confirm both against
; the daemon that reads this file.
[list.classtypes]
command:/usr/local/opnsense/scripts/suricata/listClasstypes.py
parameters:
type:script_output
message:request suricata classtypes

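; Action list.installablerulesets: runs listInstallableRulesets.py.
; The command takes no parameters, so the caller cannot influence the command line.
; NOTE(review): the script is executed with the privileges of the daemon that
; reads this file; keep the script and its directory writable by the
; administrator account only.
[list.installablerulesets]
command:/usr/local/opnsense/scripts/suricata/listInstallableRulesets.py
parameters:
type:script_output
message:request installable rules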

; Action install.rules: runs installRules.py with no parameters.
; type:script (rather than script_output) presumably reports only success or
; failure to the caller - confirm against the daemon's documentation.
; The same script is also the second step of the [update] chain in this file.
[install.rules]
command:/usr/local/opnsense/scripts/suricata/installRules.py
parameters:
type:script
message:install suricata rules

; Action list.alertlogs: runs listAlertLogs.py with no parameters and,
; judging by type:script_output, returns its output to the caller.
; NOTE(review): the listing may expose log file names; presumably only
; authenticated administrators can reach this action - confirm.
[list.alertlogs]
command:/usr/local/opnsense/scripts/suricata/listAlertLogs.py
parameters:
type:script_output
message:list available suricata alert logs

; Action query.rules: runs queryInstalledRules.py.
; parameters holds four positional %s placeholders, in this order:
; limit, offset, filter, sort_by. The caller's values are substituted into
; the command line in that order.
; NOTE(review): these values presumably originate from an API request. Confirm
; that the daemon quotes/escapes every substituted value before the command is
; run, and that the script itself validates limit and offset as integers and
; restricts sort_by to known field names.
[query.rules]
command:/usr/local/opnsense/scripts/suricata/queryInstalledRules.py
parameters:/limit %s /offset %s /filter %s /sort_by %s
type:script_output
message:request installed suricata rules

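; Action query.alerts: runs queryAlertLog.py.
; parameters holds four positional %s placeholders, in this order:
; limit, offset, filter, fileid.
; NOTE(review): the values presumably come from an API request. Confirm that
; the daemon quotes/escapes each substituted value, and that the script
; resolves fileid against the known set of alert logs instead of building a
; file path from it.
[query.alerts]
command:/usr/local/opnsense/scripts/suricata/queryAlertLog.py
parameters:/limit %s /offset %s /filter %s /fileid %s
type:script_output
message:query suricata alerts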

; Action stop: calls the suricata rc.d script with the "stop" argument.
; No parameters are accepted from the caller.
; NOTE(review): this action turns intrusion detection off; access to it should
; be limited to administrators and each use should be visible in the audit
; trail (the message line presumably provides the log text - confirm).
[stop]
command:/usr/local/etc/rc.d/suricata stop
parameters:
type:script
message:stop suricata daemon

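; Action start: runs setup.sh, then the suricata rc.d script with "start".
; The ";" inside the command value is a shell command separator, not a
; comment marker; it only works if the parser does not treat ";" as the start
; of an inline comment.
; NOTE(review): with ";" the daemon is started even when setup.sh fails,
; whereas the [update] action in this file chains its steps with "&&".
; Confirm that starting after a failed setup is intended.
[start]
command:/usr/local/opnsense/scripts/suricata/setup.sh;/usr/local/etc/rc.d/suricata start
parameters:
type:script
message:start suricata daemon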

; Action restart: calls the suricata rc.d script with the "restart" argument.
; No parameters are accepted from the caller.
; NOTE(review): unlike [start], this command does not run setup.sh first;
; confirm that a restart never needs the setup step.
[restart]
command:/usr/local/etc/rc.d/suricata restart
parameters:
type:script
message:restart suricata daemon

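; Action status: calls the suricata rc.d script with the "status" argument.
; "|| exit 0" forces a zero exit code when the status command fails, so the
; caller has to read the returned text (type:script_output) to learn whether
; the daemon is running; the exit code no longer carries that information.
[status]
command:/usr/local/etc/rc.d/suricata status || exit 0
parameters:
type:script_output
message:get suricata daemon status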

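; Action update: three steps chained with "&&", so each step runs only if the
; previous one succeeded: rule-updater.py, installRules.py, then
; "pkill -USR2 suricata" to make the running daemon reload its rules.
; NOTE(review): pkill selects processes by name pattern instead of a pid file,
; so every process whose name matches "suricata" receives the signal. It also
; exits non-zero when nothing matches, which makes the whole action report
; failure when the daemon is not running even though the rules were installed.
; NOTE(review): rule-updater.py presumably fetches rule sets from remote
; sources; verify that it checks their origin and integrity before
; installRules.py loads them.
; description is the only key of that name in this file; it is presumably the
; label shown where the action can be scheduled - confirm.
[update]
command:/usr/local/opnsense/scripts/suricata/rule-updater.py && /usr/local/opnsense/scripts/suricata/installRules.py && pkill -USR2 suricata
parameters:
type:script
message:update and reload suricata rules
description: update IDS rules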