File: commands-sc.rst

.. Consider converting `.. describe` to `.. option` when the
   minimum version of Sphinx on all the primary distributions is
   updated to one that can generate duplicate reference links. For
   example, we can't use `.. option` on CentOS 7 which has Sphinx
   1.1.3, but Fedora 30 with Sphinx 1.8.4 is fine.

.. Start with the most common basic commands.

.. describe:: shutdown

   Shut down the Suricata instance.

.. describe:: command-list

   List available commands.

.. describe:: help

   Get help about the available commands.

.. describe:: version

   Print the version of the Suricata instance.

.. describe:: uptime

   Display the uptime of Suricata.

.. describe:: running-mode

   Display the running mode. This can be either *workers*, *autofp* or *single*.

.. describe:: capture-mode

   Display the capture mode. This can be one of *PCAP_DEV*,
   *PCAP_FILE*, *PFRING(DISABLED)*, *NFQ*, *NFLOG*, *IPFW*, *ERF_FILE*,
   *ERF_DAG*, *AF_PACKET_DEV*, *NETMAP(DISABLED)*, *UNIX_SOCKET* or
   *WINDIVERT(DISABLED)*.

.. describe:: conf-get <variable>

   Get the configuration value for a given variable. The variable can be
   any of the configuration parameters that are written in suricata.yaml.

.. describe:: dump-counters

   Dump Suricata's performance counters.

.. describe:: ruleset-reload-rules

   Reload the ruleset and wait for completion.

.. describe:: reload-rules

   Alias for *ruleset-reload-rules*.

.. describe:: ruleset-reload-nonblocking

   Reload the ruleset and proceed without waiting.

.. describe:: ruleset-reload-time

   Return the time of the last reload.

.. describe:: ruleset-stats

   Display the number of rules loaded and failed.

.. describe:: ruleset-failed-rules

   Display the list of failed rules.

.. describe:: register-tenant-handler <id> <htype> [hargs]

   Register a tenant handler with the specified mapping.

.. describe:: unregister-tenant-handler <id> <htype> [hargs]

   Unregister a tenant handler with the specified mapping.

.. describe:: register-tenant <id> <filename>

   Register a tenant with a particular ID and filename.

.. describe:: reload-tenant <id> [filename]

   Reload a tenant with the specified ID. The filename of a tenant yaml
   can be specified. If it is omitted, the yaml that was used to load
   or last reload the tenant is used.

.. describe:: reload-tenants

   Reload all registered tenants by reloading their yaml.

.. describe:: unregister-tenant <id>

   Unregister a tenant with a particular ID.

.. describe:: add-hostbit <ipaddress> <hostbit> <expire>

   Add a hostbit on a host IP with a particular bit name and time of expiry.

.. describe:: remove-hostbit <ipaddress> <hostbit>

   Remove a hostbit on a host IP with the specified IP address and bit name.

.. describe:: list-hostbit <ipaddress>

   List the hostbits for a particular host IP.

.. describe:: reopen-log-files

   Reopen log files. To be run after external log rotation.

.. describe:: memcap-set <config> <memcap>

   Update the memcap value of a specified item.

.. describe:: memcap-show <config>

   Show the memcap value of a specified item.

.. describe:: memcap-list

   List all memcap values available.

.. describe:: get-flow-stats-by-id <flow_id>

   Display information for a specific flow using ``flow_id`` values.