Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Define flag regex per service instead of global #21

Open
Fxr12042 opened this issue Apr 25, 2023 · 1 comment
Open

Define flag regex per service instead of global #21

Fxr12042 opened this issue Apr 25, 2023 · 1 comment

Comments

@Fxr12042
Copy link

Not all CTF's maintain flag format over different services. It would be good to either define a global flag format or define format (based on regex) per service, preferably in configurations.py with the services definitions
@RickdeJager
Copy link
Member

I agree this would be a useful feature to have, but imo it would be better to move the config to some central format that both the webserver and the importer can understand.

I'm quite busy at the moment, and with ICSC (and ECSC) around the corner it will be a while before this repo sees any new big features.

To work around this shortcoming, what you could do is use the Suricata plugin to populate the tags. That way you can use all of the context that Suricata provides to create separate alert rules for each flag format

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@RickdeJager @Fxr12042