Detection Rule Tuning

Like firewalls and IDSes, any signature-based tool will require some tuning to fit your environment so you may need to permanently or temporarily exclude certain rules.

You can add a rule ID (Example: 4fe151c2-ecf9-4fae-95ae-b88ec9c2fca6) to rules/config/exclude_rules.txt in order to ignore any rule that you do not need or cannot be used.

You can also add a rule ID to rules/config/noisy_rules.txt in order to ignore the rule by default but still be able to use the rule with the -n or --enable-noisy-rules option.

Hayabusa

General

About Hayabusa
- Main Goals

Preparation

Running Hayabusa

Usage

Hayabusa Rules

Other

日本語版はこちら(Japanese Translation ver.)

Hayabusaについて

Hayabusaについて
- 主な目的

準備

Hayabusaの準備

Detection Rule Tuning

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Hayabusa

General

Preparation

Usage

Hayabusa Rules

Other

Hayabusaについて

準備

使用方法

Hayabusaルール

その他

Clone this wiki locally