SYNOPSIS
suricatasc [-h] [-v] [socket]
DESCRIPTION
This manual page briefly documents the suricatasc command.
suricatasc is a Python script that allows you to communicate with the suricata(8) daemon using standard Unix sockets. The exchange protocol is JSON-based.
The creation of the socket is activated by setting enabled: yes under unix-command in the Suricata YAML configuration file:
    [...]
    unix-command:
      enabled: yes
      #filename: custom.socket # use this to specify an alternate file
    [...]
You can also start suricata(8) with the --unix-socket argument:
    suricata --unix-socket
    suricata --unix-socket=socket
In case you don't specify socket, the default is /var/run/suricata/suricata-command.socket.
To check whether the suricata(8) daemon is built with the required capabilities, run suricata --build-info and look for "Unix socket enabled: yes".
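The following is an added example, not part of the original man page or of Suricata's own code: it checks build-info text for the line quoted above and audits the command socket's file permissions, since anyone who can connect can issue commands such as shutdown. The function names and the sample build-info text are constructed for illustration, and the permission check assumes Linux semantics.

```python
import os
import re
import stat
import subprocess

DEFAULT_SOCKET = "/var/run/suricata/suricata-command.socket"  # default named on this page

# Constructed excerpt in the shape of `suricata --build-info` output.
SAMPLE_BUILD_INFO = "Features: (constructed sample)\n  Unix socket enabled:    yes\n"


def unix_socket_built_in(build_info):
    """True if build-info text contains the 'Unix socket enabled: yes' line."""
    m = re.search(r"^\s*Unix socket enabled:\s*(\S+)", build_info, re.MULTILINE)
    return m is not None and m.group(1).lower() == "yes"


def audit_command_socket(path=DEFAULT_SOCKET):
    """Return findings for the command socket at `path`; an empty list means clean."""
    try:
        st = os.lstat(path)  # lstat: do not follow a symlink planted at the path
    except FileNotFoundError:
        return ["missing: %s (unix-command disabled or daemon not running)" % path]
    except PermissionError:
        return ["cannot inspect: %s (insufficient privileges)" % path]
    if not stat.S_ISSOCK(st.st_mode):
        return ["not a socket: %s" % path]
    findings = []
    # Assumption: Linux semantics, where connecting needs write permission on the socket.
    if st.st_mode & stat.S_IWOTH:
        findings.append("world-writable: any local user can send commands such as shutdown")
    parent = os.stat(os.path.dirname(path) or ".")
    if parent.st_mode & stat.S_IWOTH and not parent.st_mode & stat.S_ISVTX:
        findings.append("parent directory world-writable without sticky bit")
    return findings


if __name__ == "__main__":
    try:
        info = subprocess.run(["suricata", "--build-info"],
                              capture_output=True, text=True).stdout
    except FileNotFoundError:
        info = SAMPLE_BUILD_INFO  # fall back to the constructed sample
    print("Unix socket support:", unix_socket_built_in(info))
    for finding in audit_command_socket():
        print("finding:", finding)
```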
OPTIONS
The program follows the usual GNU command line syntax, with long options starting with two dashes (`--'). A summary of options is included below.
-h, --help
    Show summary of options.
-v, --verbose
    Verbose output (including JSON dump).
COMMANDS
When running suricatasc, you will get an 'interactive' CLI. The list of available commands will show up.
command-list
    list available commands
shutdown
    shut down Suricata
help
    alias of command-list
version
    display Suricata's version
uptime
    display Suricata's uptime
running-mode
    display running mode (workers, autofp, simple)
capture-mode
    display capture system used
conf-get <key>
    get configuration item.
        >>> conf-get unix-command.enabled
        Success:
        "yes"
dump-counters
    dump Suricata's performance counters
pcap-file <file>
    load a file for pcap treatment
pcap-file-number
    show how many files are waiting to be processed
pcap-file-list
    list of queued files
pcap-file-current
    the file currently being processed
ABOUT
suricatasc was written by the Open Information Security Foundation.
This man page was written by Arturo Borrero Gonzalez <[email protected]> for the Debian GNU/Linux distribution (but it may be used by others).