Log the rules that failed as warnings

CybercentreCanada · Aug 29, 2024 · 52f008d · 52f008d
1 parent b60e78b
commit 52f008d
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/suricata_/suricata_.py b/suricata_/suricata_.py
@@ -100,6 +100,12 @@ def _load_rules(self) -> None:
                         "This can be due to duplication of rules among muliple rulesets being loaded."
                     )
 
+                    # Get the list of rules that failed and log them
+                    ret = self.suricata_sc.send_command("ruleset-failed-stats")
+                    if ret:
+                        for rule in ret.get("message", []):
+                            self.log.warning(f"Rule failed to load: {rule['rule']}")
+
     def get_suricata_version(self):
         return safe_str(subprocess.check_output(["suricata", "-V"]).strip().replace(b"This is Suricata version ", b""))