[Oisf-devel] Suricata file-store not logging md5
Marcos Rodriguez
marcos.e.rodriguez at gmail.com
Mon Apr 30 18:00:02 UTC 2012
On Mon, Apr 30, 2012 at 1:56 PM, Marcos Rodriguez <
marcos.e.rodriguez at gmail.com> wrote:
>
>
> On Mon, Apr 30, 2012 at 12:44 PM, Mike Cox <mike.cox52 at gmail.com> wrote:
>
>> Peter,
>>
>> I do not have JSON logging enabled, just file-store with force-magic
>> and force-md5. As you can see, MAGIC is included and it is all files
>> that do not have the MD5 sum included.
>>
>> To answer Marcos' question about libnss, I believe it is installed:
>>
>> [root at SURI2]# locate libnss
>> /lib/libnss_compat-2.5.so
>> /lib/libnss_compat.so.2
>> /lib/libnss_db-2.2.so
>> /lib/libnss_db.so.2
>> /lib/libnss_dns-2.5.so
>> /lib/libnss_dns.so.2
>> /lib/libnss_files-2.5.so
>> /lib/libnss_files.so.2
>> /lib/libnss_hesiod-2.5.so
>> /lib/libnss_hesiod.so.2
>> /lib/libnss_ldap-2.5.so
>> /lib/libnss_ldap.so.2
>> /lib/libnss_nis-2.5.so
>> /lib/libnss_nis.so.2
>> /lib/libnss_nisplus-2.5.so
>> /lib/libnss_nisplus.so.2
>> /lib/libnss_winbind.so.2
>> /lib/libnss_wins.so.2
>> /usr/lib/libnss3.so
>> /usr/lib/libnss_compat.so
>> /usr/lib/libnss_db.so
>> /usr/lib/libnss_dns.so
>> /usr/lib/libnss_files.so
>> /usr/lib/libnss_hesiod.so
>> /usr/lib/libnss_ldap.so
>> /usr/lib/libnss_nis.so
>> /usr/lib/libnss_nisplus.so
>> /usr/lib/libnss_winbind.so
>> /usr/lib/libnss_wins.so
>> /usr/lib/libnssckbi.so
>> /usr/lib/libnssutil3.so
>> [root at SURI2 files]# which md5sum
>> /usr/bin/md5sum
>>
>> Suricata was configured/installed with:
>>
>> ./configure --enable-gccprotect --enable-profiling --enable-pfring
>> --with-libpfring-libraries=/usr/local/lib
>> --with-libpfring-includes=/usr/local/include
>> --with-libpcap-libraries=/usr/local/lib
>> --with-libpcap-includes=/usr/local/include
>> --with-libhtp-includes=/usr/local/include
>> --with-libhtp-libraries=/usr/local/lib --prefix=/usr/local/
>> --sysconfdir=/etc/ --localstatedir=/var/
>>
>> Thanks.
>>
>> -Mike Cox
>
>
> Interesting. I'm running into a similar situation on RHEL6 and Fedora 16.
>
> ./configure --prefix=/data/suricata/suricata-1.3b --enable-dag
> --enable-debug --enable-debug-validation --enable-profiling
> --with-libnss-libraries=/usr/lib64
> --with-libnss-includes=/usr/include/nss3/
> --with-libnspr-libraries=/usr/lib64
> --with-libnspr-libraries=/usr/include/nspr4
>
> libnss support: no
> libnspr support: no
>
> When I finish the make && make install process and type ./bin/suricata
> --build-info, HAVE_NSS is not among the list.
>
> Sorry I couldn't help. At least you're not alone :o)
>
> marcos
>
>
> Aha!
I only needed to specify --with-libnss-includes=/usr/include/nss3/ and
--with-libnspr-includes=/usr/include/nspr4, and voila!
Thanks!
marcos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-devel/attachments/20120430/b4a388d9/attachment-0002.html>
More information about the Oisf-devel
mailing list