[Oisf-devel] Log output - syslog
Victor Julien
victor at inliniac.net
Thu Feb 13 18:36:39 UTC 2014
On 02/13/2014 07:33 PM, Jason Ish wrote:
>>> I found the following forum where this was brought up awhile ago, did
>>> >> anything ever come of it?
>>> >>
>>> >> http://comments.gmane.org/gmane.comp.security.ids.oisf.user/1358
>> >
>> > I don't think so. In irc we recently discussed the topic of log file
>> > rotation. I think Jason Ish might be working on something there.
> Yes, I've started implementing SIGHUP style rotation, so you can have
> logrotate rename (instead of copy) the log files, then send a Suricata
> a SIGHUP to re-open. I've implemented this the new eve log as well as
> fast, I do plan to cover the rest as well.
Does that mean Suricata will wait/sleep between the two SIGHUP's or did
I misunderstand the method you use?
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-devel
mailing list