1

I am running CentOS 7.4 on Dell servers.

Running this command in a script:

kill -SIGUSR2 `ps -ef|grep ${rule}/etc/suricata/suricata.yaml|grep -v grep|awk '{ print $2 }'`

The "ps" part here grabs the PID.

What does SIGUSR2 do here?

I see it's "user-defined"; how does that translate into actions?

Rui F Ribeiro

1 Answer

3

What is done with SIGUSR2 is decided by the service that receives it. In your case, it seems that's Suricata IDS.

If you check the Suricata docs, you will see SIGUSR2 is used to reload the rules:

Suricata can be told to reload its rules without restarting.

This works by sending Suricata a signal or by using the unix socket. [...]

Signal:

kill -USR2 $(pidof suricata)
filbranden
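To illustrate the answer above, here is an added example (not code from the original posts or from Suricata): a stand-in shell daemon gives USR2 its meaning by installing a handler, and the sender refuses an empty or multi-PID lookup result before signaling. The function names, the state file and the reload counter are assumptions made for the demo.

```shell
# Added example: a stand-in daemon (not Suricata) that gives SIGUSR2 a meaning.

# demo_daemon STATEFILE: record in STATEFILE how many times USR2 has arrived.
demo_daemon() {
    state=$1
    reloads=0
    trap 'reloads=$((reloads + 1)); echo "$reloads" > "$state"' USR2
    trap 'exit 0' TERM
    echo 0 > "$state"              # readiness marker: handlers are installed
    while :; do
        sleep 1 >/dev/null 2>&1 &  # background sleep keeps wait interruptible
        wait $! || true            # wait returns >128 when a trapped signal lands
    done
}

# send_reload PID: refuse empty or multiple PIDs, then send USR2.
send_reload() {
    case $1 in
        ''|*[!0-9]*) echo "expected exactly one PID, got: '$1'" >&2; return 1 ;;
    esac
    kill -0 "$1" 2>/dev/null || { echo "no such process: $1" >&2; return 1; }
    kill -USR2 "$1"
}

# wait_for FILE VALUE: poll for up to about 5 s until FILE contains VALUE.
wait_for() {
    tries=0
    while [ "$(cat "$1" 2>/dev/null)" != "$2" ]; do
        tries=$((tries + 1))
        [ "$tries" -lt 50 ] || return 1
        sleep 0.1
    done
}

# run_demo: start the daemon, "reload" it twice, print the reload count.
run_demo() {
    statefile=$(mktemp)
    demo_daemon "$statefile" &
    daemon_pid=$!
    wait_for "$statefile" 0        # never signal before the handler exists
    send_reload "$daemon_pid" && wait_for "$statefile" 1
    send_reload "$daemon_pid" && wait_for "$statefile" 2
    cat "$statefile"
    kill "$daemon_pid"
    wait "$daemon_pid" 2>/dev/null || true
    rm -f "$statefile"
}

run_demo   # prints 2
```

Without a handler, the default action for SIGUSR2 is to terminate the receiving process, which is why the demo waits for the readiness marker before signaling.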