Hello: I have suricata set up in ids mode only. I have created and enabled policy and selected some of the downloaded rulesets selected in policy. It seems that the policy is being ignored and I am getting alerts for all the downloaded rulesets, not just the ones selected for that policy. Does policy work for ids or only for ips.
After a a little more searching I found this post https://forum.opnsense.org/index.php?topic=37466.0 that answered my question and explained a lot more I may have had questions on in the future.