Update 100002-suricata.xml

2025-10-23 08:12:16 +00:00 · 2023-03-16 15:59:23 -05:00
parent c3d681eff8
commit 3654530fc0
1 changed files with 38 additions and 32 deletions
--- a/Suricata/100002-suricata.xml
+++ b/Suricata/100002-suricata.xml
@@ -1,7 +1,8 @@
 <!-- Suricata Rules -->
 <group name="suricata,netflow">
-	<rule id="100002" level="3">
+        <rule id="100002" level="1">
                <if_sid>86600</if_sid>
+                <options>no_full_log</options>
                <description>Suricata Traffic - $(event_type).</description>
        </rule>
 </group>
@@ -9,13 +10,15 @@
        <rule id="100003" level="10">
                <if_sid>86601</if_sid>
                <field name="alert.severity">2</field>
+                <options>no_full_log</options>
                <description>Suricata Alert - $(alert.signature). Signature ID: $(alert.signature_id).</description>
        </rule>
 </group>
 <group name="suricata,suricata_severity1">
-	<rule id="100004" level="13">
+        <rule id="100004" level="10">
                <if_sid>86601</if_sid>
                <field name="alert.severity">1</field>
+                <options>no_full_log</options>
                <description>Suricata Alert - $(alert.signature). Signature ID: $(alert.signature_id).</description>
        </rule>
 </group>
@@ -23,25 +26,28 @@
        <rule id="100005" level="5">
                <if_sid>86601</if_sid>
                <field name="alert.severity">3</field>
+                <options>no_full_log</options>
                <description>Suricata Alert - $(alert.signature). Signature ID: $(alert.signature_id).</description>
        </rule>
 </group>
 <group name="suricata,suricata_http">
-	<rule id="100006" level="3">
+        <rule id="100006" level="1">
                <if_sid>86602</if_sid>
+                <options>no_full_log</options>
                <description>Suricata HTTP Traffic.</description>
        </rule>
 </group>
 <group name="suricata,suricata_dns">
-	<rule id="100007" level="3">
+        <rule id="100007" level="1">
                <if_sid>86603</if_sid>
+                <options>no_full_log</options>
                <description>Suricata DNS Traffic.</description>
        </rule>
 </group>
 <group name="suricata,suricata_tls">
-	<rule id="100008" level="3">
+        <rule id="100008" level="1">
                <if_sid>86604</if_sid>
+                <options>no_full_log</options>
                <description>Suricata TLS Traffic.</description>
        </rule>
 </group>
-