[Oisf-users] eDrop in fast.log, nothing in drop.log
Victor Julien
lists at inliniac.net
Mon Nov 11 08:34:19 UTC 2013
On 11/11/2013 12:08 AM, Stephen Watson wrote:
> I have drop.log setup in my yaml, yet nothing appears in the drop log
> when stuff is dropped. It does appear in my fast.log, but as wDrop,
>
>
>
> 11/11/2013-18:04:49.700485 [wDrop] [**] [1:2103134:5]
>
>
>
> Suricata 1.4.6 – af_packet.
>
The drop log is only used/filled in IPS mode.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list