mirror of https://github.com/OISF/suricata
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
21 lines
782 B
ReStructuredText
21 lines
782 B
ReStructuredText
Lua usage in Suricata
|
|
=====================
|
|
|
|
Lua scripting can be used in two components of Suricata. The first is in
|
|
output and the second one in rules in the detection engine.
|
|
|
|
Both features are using a list of functions to access the data extracted by
|
|
Suricata. You can get the list of functions in the :ref:`lua-functions` page.
|
|
|
|
.. note:: Currently, there is a difference in the ``needs`` key in the ``init`` function, depending on what is the usage: ``output`` or ``detection``. The list of available functions may also differ.
|
|
|
|
Lua output
|
|
----------
|
|
|
|
Lua can be used to write arbitrary output. See :ref:`lua-output` for more information.
|
|
|
|
Lua detection
|
|
-------------
|
|
|
|
Lua script can be used as a filter condition in signatures. See :ref:`lua-detection` for more information.
|