While the SnortConvertor binary still exists in R80.40, it doesn't seem to work right other than running "dry mode" on a prospective .rules file. Adding and removing SNORT signatures works fine from the SmartConsole but anything other than dry mode with SnortConvertor just seems to throw errors and fail. It also stopped appearing in the official Threat Prevention documentation around R80.20, is it deprecated? Replaced by the API call now?
Attend my online "Be your Own TAC: Part Deux" CheckMates event
March 27th with sessions for both the EMEA and Americas time zones