OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: hushcoden on August 15, 2020, 08:28:01 pm

Title: Is Suricata running?
Post by: hushcoden on August 15, 2020, 08:28:01 pm

Since I don't have any entries in the 'Alerts' tab, I was wondering which woud be the best way to check that Suricata is actually running ?

Tia.

Title: Re: Is Suricata running?
Post by: ArminF on August 17, 2020, 07:56:43 am

You can SSH into the box. Select option 8 for shell.

root@opnsense:/var/log/suricata # service suricata status
suricata is running as pid 87056.

Also you can check the log in /var/log/ and var/log/suricata

Or run a top command to see if suricata is loaded.

Depends on your rules there might be no alterts.

Title: Re: Is Suricata running?
Post by: hushcoden on August 17, 2020, 08:56:09 am

Thanks, it's working:  ;D

Code: [Select]

root@gateway:~ # service suricata status
suricata is running as pid 23173.