Provided by: suricata_3.0-1_amd64

NAME

       suricatasc - client for Suricata unix socket

SYNOPSIS

       suricatasc [-h] [-v] [socket]

DESCRIPTION

       This manual page documents briefly the suricatasc command.

       suricatasc is a Python script that allows you to communicate with the suricata(8) daemon using standard
       Unix sockets. The exchange protocol is JSON-based.

       The creation of the socket is activated by setting enabled: yes under unix-command in the Suricata YAML
       configuration file:

              [...]
              unix-command:
                enabled: yes
                #filename: custom.socket # use this to specify an alternate file
              [...]

       You can also start suricata(8) with the --unix-socket argument:

              suricata --unix-socket
              suricata --unix-socket=socket

       If you don't specify socket, the default is /var/run/suricata/suricata-command.socket.

       To find out whether the suricata(8) daemon is built with the required capabilities, run
       suricata --build-info and look for "Unix socket enabled: yes".

OPTIONS

       The program follows the usual GNU command line syntax, with long options starting with two dashes (`--').
       A summary of options is included below.

       -h, --help
              Show summary of options.

       -v, --verbose
              Verbose output (including JSON dump).

COMMANDS

       When running suricatasc, you will get an 'interactive' CLI. The list of available commands will show up.

       command-list
              list available commands

       shutdown
              shut down suricata

       help   alias of command-list

       version
              display Suricata's version

       uptime display Suricata's uptime

       running-mode
              display running mode (workers, autofp, simple)

       capture-mode
              display capture system used

       conf-get <key>
              get configuration item.

              >>> conf-get unix-command.enabled
              Success:
              "yes"

       dump-counters
              dump Suricata's performance counters

       pcap-file <file>
              load a file for pcap treatment

       pcap-file-number
              display how many files are waiting to be processed

       pcap-file-list
              list of queued files

       pcap-file-current
              display the file currently being processed

SEE ALSO

       suricata(8)

ABOUT

       suricatasc was written by the Open Information Security Foundation.

       This  man  page  was  written  by  Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> for the Debian
       GNU/Linux distribution (but it may be used by others).

                                                  Mar  31, 2015                                    SURICATASC(1)