briand Also, can someone give me some commands to test if the service is working and to force an update if needed?
I had the same question as I activated suricata IDS today on my small PC Engines APU2 system. If you set emerging-attack_response.rules to status active on RED you can test the IDS safely by doing a “curl http://testmynids.org/uid/index.html” on the ipfire system (ssh). I found that hint in doc 2. Quickstart guide — Suricata 8.0.0-dev documentation. This triggers a message in file /var/log/suricata/fast.log, which instantly becomes visible in the IPS Log Viewer, too (see screenshot attached). Hope, that helps - or did you mean the update service itself?
