[Oisf-users] boot sequence completion indicator

Anoop Saldanha anoopsaldanha at gmail.com
Fri Sep 27 17:47:14 UTC 2013


On Fri, Sep 27, 2013 at 10:23 PM, Theodore Elhourani
<theodore.elhourani at gmail.com> wrote:
> I am currently looking at the log file (suricata.log) to figure out whether suricata has completed its boot up sequence. The suricata.pid is immediately written when the daemon gets started, and therefore cannot be used to tell whether suricata is ready to start processing packets.
>
> Is it possible to programmatically tell whether suricata is ready? That is, other than by parsing the log file and looking for something like "All AFP capture threads are running."?
>
> I appreciate any pointers/suggestions. Thanks.

Check "unix socket command" mode (not unix socket running mode) -

https://home.regit.org/2012/09/a-new-unix-command-mode-in-suricata/

If we don't have a command to check if it is running or not, it will
be a good addition to have.

-- 
-------------------------------
Anoop Saldanha
http://www.poona.me
-------------------------------
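
Added example, not part of the original thread and not Suricata project code: a probe over the unix socket command mode mentioned in the reply. The socket path, the "0.1" protocol version string and the "uptime" command are assumptions about the command protocol; an answer shows that the command socket is being served, which this thread does not establish to be the moment the capture threads are running.

```python
import json
import socket

# Assumptions (not from the thread): default socket path, protocol version
# string and the "uptime" command of Suricata's unix socket command protocol.
SOCKET_PATH = "/var/run/suricata/suricata-command.socket"
PROTO_VERSION = "0.1"


def _exchange(sock, message):
    """Send one JSON message and read until one complete JSON reply parses."""
    sock.sendall(json.dumps(message).encode())
    buf = b""
    while True:
        chunk = sock.recv(4096)
        if not chunk:
            raise ConnectionError("socket closed before a full reply arrived")
        buf += chunk
        try:
            return json.loads(buf.decode())
        except ValueError:
            continue  # reply is still partial, keep reading


def probe(path=SOCKET_PATH, timeout=2.0):
    """Return the reported uptime if the command socket answers, else None."""
    try:
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as sock:
            sock.settimeout(timeout)  # never hang on a half-started daemon
            sock.connect(path)
            # Handshake: the client announces the protocol version first.
            hello = _exchange(sock, {"version": PROTO_VERSION})
            if hello.get("return") != "OK":
                return None
            reply = _exchange(sock, {"command": "uptime"})
            if reply.get("return") != "OK":
                return None
            return reply.get("message")
    except (OSError, ValueError):
        # Missing socket, refused connection, timeout or malformed reply.
        return None


if __name__ == "__main__":
    uptime = probe()
    print("no answer" if uptime is None else f"answering, uptime {uptime}s")
```

A startup script can call probe() in a loop with a deadline and treat None as "not answering yet".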