Hi,
I my test, I find log to file does not work if suricata run as daemon.
suricata.yaml :
logging:
default-log-level: info
outputs:
- console:
enabled: yes
- file:
enabled: yes
filename: /var/log/suricata.log
run suricata and then
tail -f /var/log/suricata.log
I can see runtime logs only without "-D" option.