Does Suricata monitor suricata.yaml for changes?

Hi all,

Is there a way to have Suricata monitor the suricata.yaml file it is using for handling configuration changes ?

My scenario is having to update the DEFAULT_HOME variable

If its not supported, does kill -HUP is my viable option ?



Hi Shany, it does not. When you issue a rule reload it will reload parts of the config that apply to the rules.

An address variable like $HOME_NET or a custom one like your $DEFAULT_HOME should be reloaded then.

There are several ways to trigger the reload: