Where to find details on each threat definition?

DVB · August 5, 2024, 3:17pm

Does exist somewhere a place where I can read about a particular threat definition ID if I want to know more about?

ishaughnessy · August 5, 2024, 4:15pm

Hey @DVB ,

Welcome to the community and thanks for posting! You can find the descriptions for rules in the SID-Descriptions-ETOpen.json.gz file on our rulesets portal.

Not every rule has a description but we are working to make sure rules going forward have a description added. If there is a specific rule you have questions that is lacking a description or you need additional details always feel free to reach out!

Here are the links for each engine (the descriptions will be the same regardless of engine).

Thanks,
Isaac

Topic		Replies	Views
About the Rule Signatures category Rule Signatures	0	1599	September 12, 2022
Frequently Asked Questions Wiki	0	8370	September 26, 2022
Doc.emergingthreats.net, Reference information Feedback & Support suricata	5	464	March 18, 2024
Signature ID Allocation Ranges Wiki	0	905	April 19, 2023
ET Malware - Socks5Systemz Rule Signatures	15	1327	January 17, 2024

Where to find details on each threat definition?

Snort

Suricata 4

Suricata 5

Suricata 7.0.3

Related topics