Is there a way to have Suricata monitor the suricata.yaml file it is using for handling configuration changes ?
My scenario is having to update the DEFAULT_HOME variable
If its not supported, does kill -HUP is my viable option ?
Hi Shany, it does not. When you issue a rule reload it will reload parts of the config that apply to the rules.
An address variable like
$HOME_NET or a custom one like your
$DEFAULT_HOME should be reloaded then.
There are several ways to trigger the reload: