securityonion FIX: When NIDS rules update, ask Suricata to reload rules rather than restart

FIX: When NIDS rules update, ask Suricata to reload rules rather than restart

Open dougburks opened this issue 3 years ago • 0 comments

Hello all,

SO standalone install 2.3.40 updated to 2.3.70 Hotfix [GRAFANA_DASH_ALLOW] ZEEK metadata

8 vCPU 24 GB vRAM 2.5 TB diskspace

After updating from 2.3.61 Hotfix [STENO, MSEARCH] to 2.3.70 Hotfix [GRAFANA_DASH_ALLOW], I did see that the suricata docker reboots every 24h, is this normal?

Knipsel

When I look in the suricata logs I don't see any errors (/opt/so/log/suricata/)

regards Bart

Originally posted by @sleepingbel in https://github.com/Security-Onion-Solutions/securityonion/discussions/5330

Aug 30 '21 10:08 dougburks

securityonion securityonion copied to clipboard

FIX: When NIDS rules update, ask Suricata to reload rules rather than restart

securityonion
securityonion copied to clipboard