[Discussion] Suricata 2.0.1 logging

• Previous message (by thread): [Discussion] Suricata 2.0.1 logging
• Next message (by thread): [Discussion] Suricata 2.0.1 logging
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 05/24/2014 05:12 PM, Lance Lassetter wrote:
> Fedora just upgraded their stable repos to Suricata 2.0.1 and now nothing is logged with the version 2 and IPS mode.  All logfiles are created and I "iptables -vL" the NFQUEUE is seeing packets in Suricata IPS repeat mode.  Everything looks correct and I parsed and updated the new suricata.yaml.rpmnew and renamed it to suricata.yaml then restarted Suricata.  I even deleted the old logfiles and let suricata create the new ones in either /var/log/suricata or /var/log/IPS.
> 
> Once again the logfiles are created by starting Suricata and waiting a minute but they are all blank except for stats.log.

Can you share a record of your stats.log?

-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------

• Previous message (by thread): [Discussion] Suricata 2.0.1 logging
• Next message (by thread): [Discussion] Suricata 2.0.1 logging
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]