Hii I am using suricata 6.0.13.I have installed suricata in my two servers one without internet and one with internet .On my internet server I can update rules by running suricata-update.But i wanted to know is there a way to download these rules so that i can install it on the server which doesnt have net connection.Currently on server without internet I only have 371 rules
You can manually install the rule files.
suricata.yaml (Suricata’s configuration file) contains a setting for default-rule-path and rule-files.
Place the rule files into the directory listed in default-rule-path and adjust the name to match the actual rule file name for the entry in rule-files.
You can either
- sudo kill -SIGUSR2 $(pidof suricata)
- Restart suricata
to load the new rules.
Thanks for your reply.I will try that
Adding to Jeff’s wonderful answer, you can also use suricatasc to reload rules during runtime without having to kill Suricata. 9.3. Rule Reloads — Suricata 7.0.1-dev documentation
will do that thanks for your reply