Hi all,
Is there a way to have Suricata monitor the suricata.yaml file it is using for handling configuration changes ?
My scenario is having to update the DEFAULT_HOME variable
If its not supported, does kill -HUP is my viable option ?
Best,
Shany
Hi Shany, it does not. When you issue a rule reload it will reload parts of the config that apply to the rules.
An address variable like $HOME_NET or a custom one like your $DEFAULT_HOME should be reloaded then.
There are several ways to trigger the reload:
https://suricata.readthedocs.io/en/suricata-5.0.3/rule-management/rule-reload.html?highlight=reload
2 Likes