Updating IDS rules
Information
| Summary: |
Details about updating IDS rules. |
| Environment: |
Product: Flowmon IDS Probe Version: Any Platform: Any |
| Question/Problem Description: |
Is the Suricata properly reloaded when restarting the "flowmon-idsp-suricata-update" service? |
| Steps to Reproduce: | |
| Error Message: | |
| Defect Number: | |
| Enhancement Number: | |
| Cause: | |
| Resolution: |
Custom rules can be added directly to the /data/idsp/user-config/rules directory. The configuration will be applied during the next execution of the Suricata-Update tool. The tool is scheduled to be executed every hour. It is also possible to apply the configuration immediately by restarting the service via the: sudo systemctl restart flowmon-idsp-suricata-update When the service is restarted, the Suricata rules are generated to /data/idsp/rules and Suricata is reloaded via kill -USR2 $(pidof suricata) |
| Workaround: | |
| Notes: | https://support.kemptechnologies.com/hc/en-us/articles/4405949799949--Suricata-IDS-Configuration-and-Tuning- |
Was this article helpful?
0 out of 0 found this helpful