Suricata cannot get the “index.yaml” file?
24/6/2025 -- 15:07:06 - <Info> -- Found Suricata version 7.0.10 at /usr/local/bin/suricata.
24/6/2025 -- 15:07:06 - <Info> -- Downloading https://www.openinfosecfoundation.org/rules/index.yaml
24/6/2025 -- 15:07:36 - <Error> -- Failed to download index: https://www.openinfosecfoundation.org/rules/index.yaml: <urlopen error _ssl.c:999: The handshake operation timed out>
I cannot even load the page with my browser, no error, just time out it seems?
Also tried to switch sources for the file, this environment variable appears to be ignored?
set SOURCE_INDEX_URL="https://raw.githubusercontent.com/OISF/suricata-intel-index/refs/heads/master/index.yaml"
Sorry about that. We’re experiencing an issue at the top of the hour due to multiple simultaneous downloads affecting service. Mitigations have been in place, and I will be monitoring.
However, setting the SOURCE_INDEX_URL environment variable works for me. What shell are you using?
FreeBSD via OPNSense, it would seem most likely /bin/csh