include = 'snort3_community.rules'

[ZdenekChladek_cyber <cyber () dopis cz>]

Hello,
Could You please clarify, how to prepare the config to use 
community.rules ?
when I uncommented parameter include = 'snort3_community.rules' Snort 
return error:

Loading /usr/local/snort/etc/snort/snort.lua:
FATAL: can't load /usr/local/snort/etc/snort/snort.lua: 
/usr/local/snort/etc/snort/snort.lua:209: '}' expected (to close '{' at 
line 197) near 'rules'
Fatal Error, Quitting..
part of my configuration where are the records about the community.rules

ips =
{
        mode = tap,

        -- use this to enable decoder and inspector alerts
        enable_builtin_rules = true,

        -- use include for rules files; be sure to set your path
        -- note that rules files can include other rules files

-- THIS PARAMETER IS FROM DEFAULT INSTALLATION - FOR WHAT IS IT?
        -- include = 'snort3_community.rules'

	-- The following include syntax is only valid for BUILD_243 
(13-FEB-2018) and later
        -- RULE_PATH is typically set in snort_defaults.lua
    rules = [[

-- THIS PARAMETER HAS BEEN ADD MANUALLY BY ME
        include $RULE_PATH/snort3-community.rules

        include $RULE_PATH/snort3-app-detect.rules
        include $RULE_PATH/snort3-browser-chrome.rules
        include $RULE_PATH/snort3-browser-firefox.rules
        include $RULE_PATH/snort3-browser-ie.rules
        include $RULE_PATH/snort3-browser-other.rules
        include $RULE_PATH/snort3-browser-plugins.rules
Thank You
_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

        To unsubscribe, send an email to:
        snort-users-leave () lists snort org

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette