Diffstat (limited to 'doc/userguide/manpages')
-rw-r--r-- doc/userguide/manpages/index.rst 10
-rw-r--r-- doc/userguide/manpages/suricata.rst 91
-rw-r--r-- doc/userguide/manpages/suricatactl-filestore.rst 67
-rw-r--r-- doc/userguide/manpages/suricatactl.rst 43
-rw-r--r-- doc/userguide/manpages/suricatasc.rst 40
5 files changed, 251 insertions, 0 deletions
diff --git a/doc/userguide/manpages/index.rst b/doc/userguide/manpages/index.rst
new file mode 100644
index 0000000..a054e86
--- /dev/null
+++ b/doc/userguide/manpages/index.rst
@@ -0,0 +1,10 @@
+Man Pages
+=========
+
+.. toctree::
+ :maxdepth: 1
+
+ suricata
+ suricatasc
+ suricatactl
+ suricatactl-filestore
diff --git a/doc/userguide/manpages/suricata.rst b/doc/userguide/manpages/suricata.rst
new file mode 100644
index 0000000..9652d7a
--- /dev/null
+++ b/doc/userguide/manpages/suricata.rst
@@ -0,0 +1,91 @@
+Suricata
+========
+
+SYNOPSIS
+--------
+
+**suricata** [OPTIONS] [BPF FILTER]
+
+DESCRIPTION
+-----------
+
+**suricata** is a high performance Network IDS, IPS and Network Security
+Monitoring engine. Open Source and owned by a community run non-profit
+foundation, the Open Information Security Foundation (OISF).
+
+**suricata** can be used to analyze live traffic and pcap files. It can
+generate alerts based on rules. **suricata** will generate traffic logs.
+
+When used with live traffic **suricata** can be passive or active. Active
+modes are: inline in a L2 bridge setup, inline with L3 integration with
+host firewall (NFQ, IPFW, WinDivert), or out of band using active responses.
+
+OPTIONS
+--------------
+
+.. include:: ../partials/options.rst
+
+OPTIONS FOR DEVELOPERS
+----------------------
+
+.. include:: ../partials/options-unittests.rst
+
+SIGNALS
+-------
+
+Suricata will respond to the following signals:
+
+SIGUSR2
+
+ Causes Suricata to perform a live rule reload.
+
+SIGHUP
+
+ Causes Suricata to close and re-open all log files. This can be
+ used to re-open log files after they may have been moved away by
+ log rotation utilities.
+
+FILES AND DIRECTORIES
+---------------------
+
+|sysconfdir|/suricata/suricata.yaml
+ Default location of the Suricata configuration file.
+
+|localstatedir|/log/suricata
+ Default Suricata log directory.
+
+EXAMPLES
+--------
+
+To capture live traffic from interface `eno1`::
+
+ suricata -i eno1
+
+To analyze a pcap file and output logs to the CWD::
+
+ suricata -r /path/to/capture.pcap
+
+To capture using `AF_PACKET` and override the flow memcap setting from the `suricata.yaml`::
+
+ suricata --af-packet --set flow.memcap=1gb
+
+To analyze a pcap file with a custom rule file::
+
+ suricata -r /pcap/to/capture.pcap -S /path/to/custom.rules
+
+BUGS
+----
+
+Please visit Suricata's support page for information about submitting
+bugs or feature requests.
+
+NOTES
+-----
+
+* Suricata Home Page
+
+ https://suricata.io/
+
+* Suricata Support Page
+
+ https://suricata.io/support/
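Review bot: In the last EXAMPLES entry the pcap argument reads `/pcap/to/capture.pcap`, while the earlier example uses `/path/to/capture.pcap`; this looks like a typo and the line should read `suricata -r /path/to/capture.pcap -S /path/to/custom.rules`. Under SIGNALS, the blank line between `SIGUSR2` / `SIGHUP` and their indented descriptions makes reStructuredText render a paragraph followed by a block quote instead of a definition list; dropping the blank line would match the layout already used under FILES AND DIRECTORIES. The underline for OPTIONS is also twice as long as its title, unlike the other section headings in this file.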
diff --git a/doc/userguide/manpages/suricatactl-filestore.rst b/doc/userguide/manpages/suricatactl-filestore.rst
new file mode 100644
index 0000000..536d301
--- /dev/null
+++ b/doc/userguide/manpages/suricatactl-filestore.rst
@@ -0,0 +1,67 @@
+Suricata Control Filestore
+==========================
+
+SYNOPSIS
+--------
+
+**suricatactl filestore** [-h] <command> [<args>]
+
+DESCRIPTION
+-----------
+
+This command lets you perform certain operations on Suricata filestore.
+
+
+OPTIONS
+--------
+
+.. Basic options
+
+.. option:: -h
+
+Get help about the available commands.
+
+
+COMMANDS
+---------
+
+**prune [-h|--help] [-n|--dry-run] [-v|verbose] [-q|--quiet] -d <DIRECTORY>
+--age <AGE>**
+
+Prune files older than a given age.
+
+-d <DIRECTORY> | --directory <DIRECTORY> is a required argument which tells
+that user must provide the suricata filestore directory on which all the
+specified operations are to be performed.
+
+--age <AGE> is a required argument asking the age of the files. Files older
+than the age mentioned with this option shall be pruned.
+
+-h | --help is an optional argument with which you can ask for help about the
+command usage.
+
+-n | --dry-run is an optional argument which makes the utility print only what
+would happen
+
+-v | --verbose is an optional argument to increase the verbosity of command.
+
+-q | --quiet is an optional argument that helps log errors and warnings only
+and keep silent about everything else.
+
+
+BUGS
+----
+
+Please visit Suricata's support page for information about submitting
+bugs or feature requests.
+
+NOTES
+-----
+
+* Suricata Home Page
+
+ https://suricata.io/
+
+* Suricata Support Page
+
+ https://suricata.io/support/
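Review bot: The prune synopsis lists `[-v|verbose]`, but the option documented further down is `-v | --verbose`, so the long form is missing its leading `--` in the synopsis. The `--age <AGE>` paragraph does not say what format or unit AGE takes; because prune deletes stored files, the page should state the accepted values and show one full invocation, preferably with `-n`, so that a misread age does not remove files still needed for an investigation. Smaller points: the `--dry-run` sentence has no final period, "tells that user must provide" reads awkwardly, and the text under `.. option:: -h` is not indented, so it is not part of the directive body.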
diff --git a/doc/userguide/manpages/suricatactl.rst b/doc/userguide/manpages/suricatactl.rst
new file mode 100644
index 0000000..edda079
--- /dev/null
+++ b/doc/userguide/manpages/suricatactl.rst
@@ -0,0 +1,43 @@
+Suricata Control
+================
+
+SYNOPSIS
+--------
+
+**suricatactl** [-h] <command> [<args>]
+
+DESCRIPTION
+-----------
+
+This tool helps control Suricata's features.
+
+OPTIONS
+--------
+
+.. Basic options
+
+.. option:: -h
+
+Get help about the available commands.
+
+COMMANDS
+---------
+
+:manpage:`suricatactl-filestore(1)`
+
+BUGS
+----
+
+Please visit Suricata's support page for information about submitting
+bugs or feature requests.
+
+NOTES
+-----
+
+* Suricata Home Page
+
+ https://suricata.io/
+
+* Suricata Support Page
+
+ https://suricata.io/support/
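Review bot: The line after `.. option:: -h` starts in column 0, so it is rendered as a separate paragraph and not as the description of the option; indent "Get help about the available commands." under the directive. COMMANDS contains only the `:manpage:` reference to suricatactl-filestore(1); a one-line summary of what the filestore command does would let readers decide whether to follow the link. The OPTIONS and COMMANDS underlines are one character longer than their titles, which is valid but inconsistent with the other headings.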
diff --git a/doc/userguide/manpages/suricatasc.rst b/doc/userguide/manpages/suricatasc.rst
new file mode 100644
index 0000000..583c36b
--- /dev/null
+++ b/doc/userguide/manpages/suricatasc.rst
@@ -0,0 +1,40 @@
+Suricata Socket Control
+=======================
+
+SYNOPSIS
+--------
+
+**suricatasc**
+
+DESCRIPTION
+-----------
+
+Suricata socket control tool
+
+COMMANDS
+---------
+
+.. include:: ../partials/commands-sc.rst
+
+PCAP MODE COMMANDS
+-------------------
+
+.. include:: ../partials/commands-pcap-sc.rst
+
+
+BUGS
+----
+
+Please visit Suricata's support page for information about submitting
+bugs or feature requests.
+
+NOTES
+-----
+
+* Suricata Home Page
+
+ https://suricata.io/
+
+* Suricata Support Page
+
+ https://suricata.io/support/
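Review bot: SYNOPSIS shows only `**suricatasc**` and DESCRIPTION is the fragment "Suricata socket control tool", so the page never says which socket the tool talks to or how it is invoked. Expand DESCRIPTION to a full sentence naming the socket and the Suricata process it controls, and list any options or arguments in SYNOPSIS the way the suricatactl page does with `[-h] <command> [<args>]`. The COMMANDS and PCAP MODE COMMANDS underlines are one character longer than their titles, and there is a stray double blank line before BUGS.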