[Oisf-users] Errors configuring a suricata sensor
carlopmart
carlopmart at gmail.com
Sun Apr 3 18:18:32 UTC 2011
Hi all,
After configuring my first suricata sensor, I am trying to deploy a
second suricata sensor to monitor my proxy servers only.
I am trying to make a "clean" configuration file, but when I try to
start suricata returns me this error:
[12092] 3/4/2011 -- 20:17:02 - (suricata.c:440) <Info> (main) -- This is
Suricata version 1.1beta1
[12092] 3/4/2011 -- 20:17:02 - (util-cpu.c:171) <Info>
(UtilCpuPrintSummary) -- CPUs/cores online: 1
Failed to parse configuration file at line 6: found character that
cannot start any token
It is a very cryptic message, almost for me. My suricata config begins
with:
%YAML 1.1
---
# The default order is pass, drop, reject, alert
action-order:
- pass
- drop
- reject
- alert
# The default logging directory.
default-log-dir: /nsm/sensor_data/idsmgmt
Line 6 is the "action-order" param. What am I doing wrong??
Thanks.
--
CL Martinez
carlopmart {at} gmail {d0t} com
More information about the Oisf-users
mailing list