adric.net

AddARule
Login

with stock Security Onion 12.04 (no salt)

Upstream / background

Prerequisites

On Server

vi /etc/nsm/rules/local.rules

## add the rule to the file with no line breaks

sudo rule-update

On Sensor

## either wait for the cron or run

sudo rule-update