OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: priencecutie on August 08, 2022, 03:44:56 pm

Title: Suricata Intrusion Detection reloading Rules every Minute
Post by: priencecutie on August 08, 2022, 03:44:56 pm

Hello,

can someone of the professionals here in the forum please help me out or explain, why the rules getting reloaded every minute? I didn't find any explanation in the documentation about it.

Attached is a screenshot of the log file as an example.

Regards
Adam
เว็บแทงบอลปลอดภัยไม่โกง (https://socialmediaandemploymentlaw.com/%e0%b9%80%e0%b8%a7%e0%b9%87%e0%b8%9a%e0%b9%81%e0%b8%97%e0%b8%87%e0%b8%9a%e0%b8%ad%e0%b8%a5%e0%b8%ad%e0%b8%ad%e0%b8%99%e0%b9%84%e0%b8%a5%e0%b8%99%e0%b9%8c/)

Title: Re: Suricata Intrusion Detection reloading Rules every Minute
Post by: nzkiwi68 on August 09, 2022, 03:48:04 am

What have you put in:

Services > Intrusion Detection > Schedule

Up load of screen show of what that looks like. Perhaps you have inadvertently set the Cron job to fire every minute.

Minutes: should have a figure in it, less than 60, say 18
Hours: If you want to update and reload every three hours, then you would have 0,3,6,9,12,15,18,21
Day of the month: should have an * which means run every single day of the month
Months: should have an * which means run every month
Days of the week: should have an * which means run every day of the week

(If you put an * in Minutes, then, that means run every single minute!)

So, it you set it like by example above. Then, it will update and reload every day at:
0018
0318
0918
1218
1518
1818
2118