Add support for suricata rules load status

2026-05-05 02:48:21 +02:00 · 2025-12-04 12:26:13 -05:00
parent f15a39c153
commit 9304513ce8
5 changed files with 84 additions and 0 deletions
@@ -90,6 +90,18 @@ clean_suricata_eve_files:
    - month: '*'
    - dayweek: '*'

+# Add rulestats cron - runs every minute to query Suricata for rule load status
+suricata_rulestats:
+  cron.present:
+    - name: /usr/sbin/so-suricata-rulestats > /dev/null 2>&1
+    - identifier: suricata_rulestats
+    - user: root
+    - minute: '*'
+    - hour: '*'
+    - daymonth: '*'
+    - month: '*'
+    - dayweek: '*'
+
 {% else %}

 {{sls}}_state_not_allowed: