did my signature in site loaded?

Ong_hean_kuan · August 26, 2006, 11:27am

I am a new user here, I have doubt.

I have a signature.sig in site folder and my site/mydomain.bro looks as bellow,

Make any changes to policy starting HERE:

To run signatures, uncomment the following line.

@load brolite-sigs

@ifdef ( use_signatures )

Load Bro signatures. This is the default file containing Bro

signatures.

redef signature_files += “signatures”;
@endif

Did my signature loaded? it seems that # @load brolite-sigs is commented
How to ensure which signature is loaded and which is not?

robin · August 29, 2006, 3:53am

"use_signatures" is only defined when brolite-sigs is loaded so, no,
the signatures are not used in this case. The most direct way to
make sure that a signature file is loaded, is to use the "redef"
line just by itself:

redef signature_files += "signatures";

I.e., no @ifdef/@endif around it.

Hope this helps,

Robin

Topic		Replies	Views
Help Zeek	1	94	May 6, 2022
A question about loading signature files Zeek	6	72	May 6, 2022
Help Zeek	1	112	May 6, 2022
Signatures Zeek	15	133	May 6, 2022
useful *.bro files repository? Zeek	2	102	May 6, 2022