Command Overview

beacon rules list prints the active threat-detection rules used by beacon scan.
Command syntax
beacon rules list [flags]
The output includes each rule id, severity, maturity status, and source. The source shows whether Beacon loaded the rule from the local store or the built-in baseline.

Examples

List active user-mode rules:
beacon rules list
List active system-mode rules:
sudo beacon rules list --system

Flags

Flag        Description
--user      Use per-user endpoint paths. Enabled by default.
--system    Use system endpoint paths.

beacon rules add

Install local rule files into the store.

beacon scan

Run active rules over local telemetry.