Add enable.conf and replace /bin to /usr/bin for suricata binary

nttcom · Dec 12, 2024 · 5fac061 · 5fac061
1 parent d8011e8
commit 5fac061
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 1 deletion.
diff --git a/osect_sensor/Infrastructure/edge_cron/Dockerfile b/osect_sensor/Infrastructure/edge_cron/Dockerfile
@@ -156,7 +156,7 @@ RUN zkg install icsnpp-modbus --version 03de54df8b0a8c1e6264876167f80dccae74902a
 COPY --from=build-env /usr/local/bin /usr/local/bin
 COPY --from=build-env /usr/local/lib /usr/local/lib
 COPY --from=build-env /etc/suricata /etc/suricata
-COPY --from=build-env /bin/suricata* /bin/
+COPY --from=build-env /usr/bin/suricata* /bin/
 COPY --from=build-env /var/lib/suricata /var/lib/suricata
 COPY --from=build-env /usr/lib/suricata /usr/lib/suricata
 COPY --from=build-env /usr/share/suricata /usr/share/suricata

diff --git a/osect_sensor/conf/enable.conf b/osect_sensor/conf/enable.conf
@@ -0,0 +1,28 @@
+# suricata-update - enable.conf
+# assessment reports-sid
+2006380
+2006402
+# AMFSEC-sid
+2007802
+2011390
+2011924
+2013171
+2015702
+2017615
+2017616
+2018343
+2021023
+2021024
+2021058
+2024364
+2026008
+2026015
+2031505
+2031602
+2032091
+2033102
+2034508
+2036252
+# modbus-sid
+2009286
+2026005