[Oisf-users] suricata.yaml question

Edgmand, Craig craig.edgmand at okstate.edu
Tue Jan 15 19:32:52 UTC 2019


       You just need to run the command ‘kill –USR2 PID of Suricata’ to reread the yaml files or add/drop rules.  No reboot required.


From: Oisf-users <oisf-users-bounces at lists.openinfosecfoundation.org> On Behalf Of Leonard Jacobs
Sent: Tuesday, January 15, 2019 12:56 PM
To: oisf-users at lists.openinfosecfoundation.org
Subject: [Oisf-users] suricata.yaml question

**External Email - Please verify sender email address before responding.**
When making changes to the yaml file, does it require a reboot?  So ,if changes are made to which rule sets are enable or disabled in the suricata.yaml file does that require a reboot?



This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to which they are addressed. If you have received this email in error please notify Netsecuris management at mgmt at netsecuris.com<mailto:mgmt at netsecuris.com>. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of Netsecuris Inc. The integrity and security of this message cannot be guaranteed on the Internet
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20190115/ddd7a61d/attachment-0001.html>

More information about the Oisf-users mailing list