[Oisf-users] eve.json logging issues
Jason Ish
lists at unx.ca
Thu Nov 17 18:10:07 UTC 2016
On Thu, Nov 17, 2016 at 11:35 AM, erik clark <philosnef at gmail.com> wrote:
> I am getting the following event_types in my eve.json:
>
>
> http
> fileinfo
>
> I have
>
> http:
> enabled: no
The eve-log types don't have an enabled field. To disable them just
comment it out. In the default suricata.yaml "netflow" is commented
out this way, eg:
#- netflow
Hope that helps,
Jason
More information about the Oisf-users
mailing list