[Oisf-users] Live rule swap not working?
Victor Julien
lists at inliniac.net
Wed Apr 27 20:10:10 UTC 2016
On 27-04-16 21:47, John Daly wrote:
> It seems that live rule swap doesn't work in my Suricata deployment. As
> far as I understand it, my suricata.log should show that the process is
> reloading rules after kill -USR2 <suricata pid>, but my suricata.log is
> empty. Am I missing something?
>
> [root at host1 ~]# ps aux | grep -i suricata
>
> suri 11622 855 10.9 27780748 21623588 ? Ssl Apr20 85922:03
> /opt/suricata/bin/suricata --netmap=eno49 --netmap=ens3f0 -c
> /opt/suricata/etc/suricata/suricata.yml -D
>
> [root at host1 ~]# kill -USR2 11622
>
> [root at host1 log]# cat suricata.log
>
> [root at host1 log]#
>
> I'm running Suricata 3.0, CentOS 7.1, starting Suricata via systemd,
> acquiring packets via Netmap.
We did a lot of fixes in 3.0.1 related to rule reloads, so I would
suggest updating first.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------