suricata_check.checkers.interface.checker
The suricata_check.checkers.interface.checker module contains the CheckerInterface.
Implementation of the CheckerInterface is necessary for checker auto-discovery.
Classes
CheckerInterface | Interface for rule checkers returning a list of issues.
Module Contents
- class suricata_check.checkers.interface.checker.CheckerInterface(include: collections.abc.Iterable[str] | None = None)
Interface for rule checkers returning a list of issues.
These checkers are automatically discovered through suricata_check.suricata_check.get_checkers().
Each code should start with one or more upper-case letters, followed by three digits. In other words, each code should match the regex [A-Z]{1,}[0-9]{3}.
We recommend using a letter to indicate the category of the issue, as described in README.md. Moreover, we suggest reserving certain ranges of numbers for each checker.
Initializes the checker given a list of issue codes to emit.
- check_rule(rule: idstools.rule.Rule) -> suricata_check.utils.checker_typing.ISSUES_TYPE
Checks a rule and returns a list of issues found.
- codes: collections.abc.Mapping[str, collections.abc.Mapping[str, int]]
A Mapping of issue codes emitted by the checker to metadata for those issue types. The metadata is structured in the form of a Mapping from attribute name to attribute value. The one mandatory metadata attribute is severity, which must be one of the levels provided by the logging module.
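A sanity check for the codes contract described above, as an added example that is not part of suricata-check: it validates the code format and the mandatory severity, and reports codes claimed by more than one checker, which is what reserving number ranges per checker is meant to prevent. The function names, the checker names and the sample mappings are hypothetical. The set of accepted levels and the use of a full match are assumptions.

```python
import logging
import re
from collections.abc import Mapping

CODE_RE = re.compile(r"[A-Z]{1,}[0-9]{3}")  # code format given in the documentation
# Assumption: "levels provided by the logging module" means these five named levels.
LEVELS = {logging.DEBUG, logging.INFO, logging.WARNING, logging.ERROR, logging.CRITICAL}


def validate_codes(name: str, codes: Mapping[str, Mapping[str, int]]) -> list[str]:
    """Return the contract violations found in one checker's codes mapping."""
    problems = []
    for code, meta in codes.items():
        if not CODE_RE.fullmatch(code):  # assumption: the whole code must match
            problems.append(f"{name}: {code!r} does not match {CODE_RE.pattern}")
        if "severity" not in meta:
            problems.append(f"{name}: {code!r} lacks the mandatory severity")
        elif meta["severity"] not in LEVELS:
            problems.append(f"{name}: {code!r} severity is not a logging level")
    return problems


def find_collisions(checkers: Mapping[str, Mapping[str, Mapping[str, int]]]) -> dict[str, list[str]]:
    """Map each issue code claimed by more than one checker to its claimants."""
    owners: dict[str, list[str]] = {}
    for name, codes in checkers.items():
        for code in codes:
            owners.setdefault(code, []).append(name)
    return {code: names for code, names in owners.items() if len(names) > 1}


# Constructed sample data: hypothetical checkers, not ones shipped with suricata-check.
SAMPLE = {
    "ExampleOrderChecker": {
        "X100": {"severity": logging.INFO},
        "X101": {"severity": logging.WARNING},
    },
    "ExampleBrokenChecker": {
        "X101": {"severity": logging.ERROR},  # also claimed by the checker above
        "x200": {"severity": logging.INFO},  # lower-case prefix
        "X201": {"severity": 3},  # not a logging level
        "X202": {},  # mandatory severity missing
    },
}

if __name__ == "__main__":
    for checker_name, checker_codes in SAMPLE.items():
        print(*validate_codes(checker_name, checker_codes), sep="\n")
    print(find_collisions(SAMPLE))
```

Run over the codes attribute of every discovered checker, a check like this catches a malformed or duplicated code before it reaches rule reports.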