[Oisf-users] Suricata Rule Reload
Leonard Jacobs
ljacobs at netsecuris.com
Thu Jul 30 02:33:19 UTC 2015
Did you enable the feature in your suricata.yaml file?
# When rule-reload is enabled, sending a USR2 signal to the Suricata process
# will trigger a live rule reload. Experimental feature, use with care.
#- rule-reload: true
# If set to yes, the loading of signatures will be made after the capture
# is started. This will limit the downtime in IPS mode.
#- delayed-detect: yes
From: oisf-users-bounces at lists.openinfosecfoundation.org [mailto:oisf-users-bounces at lists.openinfosecfoundation.org] On Behalf Of Saxena, Samiksha
Sent: Wednesday, July 29, 2015 3:31 PM
To: oisf-users
Subject: [Oisf-users] Suricata Rule Reload
Hi,
I am trying to reload the rules based on this document: https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Live_Rule_Swap
When I tried the command Kill -USR2 PID, nothing happens, and new rules are not getting loaded. If I do Kill -9 it does kill the suricata. Am I missing something?
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20150729/a58284d6/attachment-0002.html>
More information about the Oisf-users
mailing list