But I need to supervise the port remotely every time, not accessing it by ssh , i.e I need continue connection between suricata and this port , how can I do this?
The same way you do forward the traffic to the interface on VM A?
I might misunderstand your setup, maybe you can explain it in a bit more detail or draw a small schema to better understand the actual setup and traffic flow.
there is a switch on VMA, and the enp0s8 port is a mirror port located on this switch, (copies of packets transiting inside the VM A switch are available at the enp0s8 level) so I want to continuously scan this port (enp0s8).
What I would to, is to run tcpdump on that NIC and ideally look into the traffic if it’s the correct one and complete. If not it’s something within the forwarding setup.