1. Home
  2. MCP Security Best Practices
  3. Use cases
  4. IDPS Suricata deployment as a VNF on OpenStack with OpenContrail
  5. Run in daemon mode

Run in daemon mode

Run in daemon modeΒΆ

When you deploy Suricata on a service instance, you can start Suricata automatically on system boot up and run in a daemon mode.

To run Suricata in the daemon mode:

  1. Disable console output and set it to a file in the suricata.yaml configuration file:

    outputs:
- console:
     enabled: no
- file:
     enabled: yes
     filename: /var/log/suricata.log

  2. Make Suricata start on system boot up:

    • Create the initialization script /etc/init/suricata.conf:

      # suricata
description "IDPS Daemon"
start on runlevel [2345]
stop on runlevel [!2345]
expect fork
exec suricata -D --pidfile /var/run/suricata.pid -c
/etc/suricata/suricata.yaml -i eth0

    or

    • Specify the --pidfile option in suricata.yaml.
updated: 2024-01-04 11:46