FreeBSD Manual Pages

SURICATASC(1)			   Suricata			 SURICATASC(1)

NAME
       suricatasc - Tool to interact via unix socket

SYNOPSIS
       suricatasc

DESCRIPTION
       Suricata	socket control tool

COMMANDS
       shutdown
	      Shut Suricata instance down.

       command-list
	      List available commands.

       help   Get help about the available commands.

       version
	      Print the	version	of Suricata instance.

       uptime Display the uptime of Suricata.

       running-mode
	      Display running mode. This can either be workers, autofp or
	      single.

       capture-mode
	      Display the capture mode. This can be either of PCAP_DEV,
	      PCAP_FILE, PFRING(DISABLED), NFQ, NFLOG, IPFW, ERF_FILE,
	      ERF_DAG, AF_PACKET_DEV, NETMAP(DISABLED), UNIX_SOCKET or
	      WINDIVERT(DISABLED).

       conf-get	<variable>
	      Get the configuration value for a given variable. The variable
	      can be any of the configuration parameters written in
	      suricata.yaml.

       dump-counters
	      Dump Suricata's performance counters.

       ruleset-reload-rules
	      Reload the ruleset and wait for completion.

       reload-rules
	      Alias for ruleset-reload-rules.

       ruleset-reload-nonblocking
	      Reload ruleset and proceed without waiting.

       ruleset-reload-time
	      Return time of last reload.

       ruleset-stats
	      Display the number of rules loaded and failed.

       ruleset-failed-rules
	      Display the list of failed rules.

       register-tenant-handler <id> <htype> [hargs]
	      Register a tenant	handler	with the specified mapping.

       unregister-tenant-handler <id> <htype> [hargs]
	      Unregister a tenant handler with the specified mapping.

       register-tenant <id> <filename>
	      Register tenant with a particular	ID and filename.

       reload-tenant <id> [filename]
	      Reload a tenant with specified ID. A filename to a  tenant  yaml
	      can  be  specified. If it	is omitted, the	original yaml that was
	      used to load / last reload the tenant is used.

       reload-tenants
	      Reload all registered tenants by reloading their yaml.

       unregister-tenant <id>
	      Unregister tenant	with a particular ID.

       add-hostbit <ipaddress> <hostbit> <expire>
	      Add hostbit on a host IP with a particular bit name and time  of
	      expiry.

       remove-hostbit <ipaddress> <hostbit>
	      Remove  hostbit  on  a host IP with specified IP address and bit
	      name.

       list-hostbit <ipaddress>
	      List hostbit for a particular host IP.

       reopen-log-files
	      Reopen log files. To be run after external log rotation.

       memcap-set <config> <memcap>
	      Update memcap value of a specified item.

       memcap-show <config>
	      Show memcap value	of a specified item.

       memcap-list
	      List all memcap values available.

PCAP MODE COMMANDS
       pcap-file <file>	<dir> [tenant] [continuous] [delete-when-done]
	      Add pcap files to Suricata for sequential processing. The
	      generated log/alert files will be put into the directory
	      specified as the second argument. Make sure to provide absolute
	      paths to the files and the directory. It is acceptable to add
	      multiple files without waiting for the result.

       pcap-file-continuous <file> <dir> [tenant] [delete-when-done]
	      Add pcap files to Suricata for sequential processing. The
	      directory will be monitored for new files being added until
	      pcap-interrupt is used or the directory is moved or deleted.

       pcap-file-number
	      Number of	pcap files waiting to get processed.

       pcap-file-list
	      List of queued pcap files.

       pcap-last-processed
	      Processed	time of	last file in milliseconds since	epoch.

       pcap-interrupt
	      Terminate the current state by interrupting directory
	      processing.

       pcap-current
	      Currently	processed file.
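
       The pcap-file requirements above (absolute paths, arguments separated
       by spaces) as an added shell example; it is not part of the manual
       page or of the Suricata project. It submits the command through
       suricatasc's -c option, which this page does not list; the function
       names and the SURICATASC override variable are the example's own.

```shell
#!/bin/sh
# Added example (not from the manual page): queue a pcap with checked paths.
# SURICATASC is this example's own override hook; the default assumes
# suricatasc is on PATH.
SURICATASC="${SURICATASC:-suricatasc}"

# abs_path PATH: print the absolute form of an existing file or directory.
abs_path() (
    if [ -d "$1" ]; then
        CDPATH= cd -- "$1" && pwd -P
    elif [ -f "$1" ]; then
        d=$(CDPATH= cd -- "$(dirname -- "$1")" && pwd -P) || exit 1
        printf '%s/%s\n' "${d%/}" "$(basename -- "$1")"
    else
        exit 1
    fi
)

# build_pcap_cmd FILE OUTDIR: print "pcap-file <file> <dir>" or fail.
# Suricata's own user must also be able to read FILE and write OUTDIR.
build_pcap_cmd() (
    [ "$#" -eq 2 ] || { echo "usage: build_pcap_cmd <file> <dir>" >&2; exit 2; }
    [ -f "$1" ] && [ -r "$1" ] || { echo "pcap not readable: $1" >&2; exit 1; }
    [ -d "$2" ] || { echo "output dir missing: $2" >&2; exit 1; }
    file=$(abs_path "$1") && dir=$(abs_path "$2") || exit 1
    # Arguments are separated by spaces, so whitespace inside a path would
    # shift <dir> and the optional arguments that follow it.
    case "$file$dir" in
        *[[:space:]]*) echo "whitespace in path is not supported" >&2; exit 1 ;;
    esac
    printf 'pcap-file %s %s\n' "$file" "$dir"
)

# submit_pcap FILE OUTDIR: validate, then hand the command to suricatasc.
submit_pcap() (
    cmd=$(build_pcap_cmd "$@") || exit 1
    "$SURICATASC" -c "$cmd"
)

# Usage (constructed paths): submit_pcap ./capture.pcap /var/log/suricata/run1
```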

BUGS
       Please visit Suricata's support page for	information  about  submitting
       bugs or feature requests.

NOTES
        Suricata Home Page
	    https://suricata.io/

        Suricata Support Page
	    https://suricata.io/support/

COPYRIGHT
       2016-2025, OISF

7.0.10				  2025-03-25			 SURICATASC(1)
