[Oisf-devel] Suricata file-store not logging md5

Marcos Rodriguez marcos.e.rodriguez at gmail.com
Mon Apr 30 17:56:13 UTC 2012 

On Mon, Apr 30, 2012 at 12:44 PM, Mike Cox <mike.cox52 at gmail.com> wrote:

> Peter,
>
> I do not have JSON logging enabled, just file-store with force-magic
> and force-md5.  As you can see, MAGIC is included and it is all files
> that do not have the MD5 sum included.
>
> To answer Marcos' question about libnss, I believe it is installed:
>
> [root at SURI2]# locate libnss
> /lib/libnss_compat-2.5.so
> /lib/libnss_compat.so.2
> /lib/libnss_db-2.2.so
> /lib/libnss_db.so.2
> /lib/libnss_dns-2.5.so
> /lib/libnss_dns.so.2
> /lib/libnss_files-2.5.so
> /lib/libnss_files.so.2
> /lib/libnss_hesiod-2.5.so
> /lib/libnss_hesiod.so.2
> /lib/libnss_ldap-2.5.so
> /lib/libnss_ldap.so.2
> /lib/libnss_nis-2.5.so
> /lib/libnss_nis.so.2
> /lib/libnss_nisplus-2.5.so
> /lib/libnss_nisplus.so.2
> /lib/libnss_winbind.so.2
> /lib/libnss_wins.so.2
> /usr/lib/libnss3.so
> /usr/lib/libnss_compat.so
> /usr/lib/libnss_db.so
> /usr/lib/libnss_dns.so
> /usr/lib/libnss_files.so
> /usr/lib/libnss_hesiod.so
> /usr/lib/libnss_ldap.so
> /usr/lib/libnss_nis.so
> /usr/lib/libnss_nisplus.so
> /usr/lib/libnss_winbind.so
> /usr/lib/libnss_wins.so
> /usr/lib/libnssckbi.so
> /usr/lib/libnssutil3.so
> [root at SURI2 files]# which md5sum
> /usr/bin/md5sum
>
> Suricata was configured/installed with:
>
> ./configure --enable-gccprotect --enable-profiling --enable-pfring
> --with-libpfring-libraries=/usr/local/lib
> --with-libpfring-includes=/usr/local/include
> --with-libpcap-libraries=/usr/local/lib
> --with-libpcap-includes=/usr/local/include
> --with-libhtp-includes=/usr/local/include
> --with-libhtp-libraries=/usr/local/lib --prefix=/usr/local/
> --sysconfdir=/etc/ --localstatedir=/var/
>
> Thanks.
>
>  -Mike Cox


Interesting.  I'm running into a similar situation on RHEL6 and Fedora 16.

 ./configure --prefix=/data/suricata/suricata-1.3b --enable-dag
--enable-debug --enable-debug-validation --enable-profiling
--with-libnss-libraries=/usr/lib64
--with-libnss-includes=/usr/include/nss3/
--with-libnspr-libraries=/usr/lib64
--with-libnspr-libraries=/usr/include/nspr4

libnss support:                          no
libnspr support:                         no

When I finish the make && make install process and type ./bin/suricata
--build-info, HAVE_NSS is not among the list.

Sorry I couldn't help.  At least you're not alone :o)

marcos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-devel/attachments/20120430/918dd449/attachment-0002.html>

More information about the Oisf-devel mailing list