Basic syntax

$ suricata [options]


-c <path>
path to configuration file
-i <dev or ip>
run in pcap live mode
-r <path>
run in pcap file/offline mode
-s <path>
path to signature file (optional)
-l <dir>
default log directory
-D
run as daemon
--pidfile <file>
write pid to this file (only for daemon mode)
--init-errors-fatal
enable fatal failure on signature init error
--dump-config
show the running configuration
--user <user>
run suricata as this user after init
--group <group>
run suricata as this group after init
--erf-in <path>
process an ERF file