I have run suricata on different linux distros
Note: I noticed after making a rule change and applying it(command line in linux)
It takes up to 5 minutes for surricata to parse, load, and start engine of 150,000 rules
You can see it in opnsense monitoring cpu
Its a off then on load on cpu, its not continuous I guess not to overheat cpu
But that means when you push apply you have to wait at least 5 minutes to make another rule change
Including policies
I wonder if that is what is effecting some changes, not giving it enough tiime to finish last job
Surricata doesnt do multiple commands
I have not noticed more than about 30 seconds to reload once I hit apply. AMD V1756B with 16gb of ram using the ET Open rule set.