Made sample workflow #3

Made sample workflow

Triggered via push January 18, 2025 13:54
Status Success
Total duration 25s
Artifacts

python-pr.yml

on: push
Suricata-Check
17s

Annotations

1 error, 4 warnings, and 10 notices
MandatoryChecker - M001: suricata.rules#L1
The rule did not specify a sid, which is a mandatory field.
Suricata-Check
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
Suricata-Check
The `python-version` input is not set. The version of Python currently in `PATH` will be used.
Suricata-Check
Cache paths are empty. Please check the previous logs and make sure that the python version is specified
MsgChecker - S406: suricata.rules#L1
The rule specifies a domain name without escaping the label seperators. Consider escaping the domain names by putting a space before the dot like `foo .bar` to prevent information leaks.
BestChecker - C100: suricata.rules#L1
The rule does not use the `target` Suricata meta option. Consider adding the `target` option to specify which IP address is the target of the attack.
BestChecker - C101: suricata.rules#L1
The rule does not use set the `created_at` metadata option. Consider adding the `created_at` metadata option to inform users of the recency of this signature.
MetadataChecker - S800: suricata.rules#L1
The rule did not specify the `attack_target` metadata option. Consider specifying the `attack_target` metadata option to help analysts interpret alerts raised by this rule.
MetadataChecker - S801: suricata.rules#L1
The rule did not specify the `signature_severity` metadata option. Consider specifying the `signature_severity` metadata option to help analysts interpret alerts raised by this rule.
MetadataChecker - S802: suricata.rules#L1
The rule did not specify the `performance_impact` metadata option. Consider specifying the `performance_impact` metadata option to help SOCs determine when to enable this rule.
MetadataChecker - S803: suricata.rules#L1
The rule did not specify the `deployment` metadata option. Consider specifying the `deployment` metadata option to help SOCs determine when to enable this rule.
MsgChecker - S400: suricata.rules#L1
The rule has a non-standard format for the msg field. Consider changing the msg field to `RULESET CATEGORY Description`.
OverallChecker - S000: suricata.rules#L1
The rule did not specificy an inbound or outbound direction. Consider constraining the rule to a specific direction such as INBOUND or OUTBOUND traffic.
PrincipleChecker - P001: suricata.rules#L1
No Successful Malicious Action, the rule does not distinguish between successful and unsuccessful malicious actions, making it potentially noisy.
PrincipleChecker - P002: suricata.rules#L1
No Alert Throttling, the rule does not utilize the threshold limit option` to prevent alert flooding, making it potentially noisy. Consider setting a threshold limit to prevent alert flooding. Using track by_both is considered to be safe if unsure which to use.