How to have suricata keep parsing a bunch of pcaps?

Hello there,
I wrote a script (by python’s subprocess.call(ex:suricata commands)) and would like to have Suricata looply analyze all the pcap files within a folder on the offline mode.

But what i found was that Suricata initialize itself as a new process everytime it start to read a new pcap file, which takes time a lot. I am wondering if there is a measure to make Suricata initialize just one time and then keep reading files till the end of the list? Thank you!

Hello!

Would pcap-file-continuous be of any help to you?

Edit: We do have a Python tool that calls Suricata and runs commands in runtime mode. :slight_smile: Linked above, it is called suricata socket control.