Suricata

Some software like nufw for example implement a command line interface that it available when connecting to a unix socket. This provides a basic mean to access to feature just as increase log level or change log level filtering.

It can also be really useful to get information from suricata like dropped packet counts for input module or global statistics (packets rate for example).

Here under the list of commands implemented in nufw (which can be of interest for suricata):

>>> help
version: display nuauth version
confdump: dump configuration
users: list connected users
packets count: display number of decision waiting packets
uptime: display nuauth starting time and uptime
reload: reload nuauth configuration
display debug_level
display debug_areas
display threads
debug_level LEVEL
debug_areas AREAS
help: display this help
quit: disconnect

An other advantage of using a unix socket to exchange information is that it could be used to update/maintain information like IP reputation. It can also be used to provide information to advanced user interface by running a script that translate the custom commands to XML-RPC/JSON output exported to the network.