[Oisf-users] log to file does not work if suricata run as daemon

Peter Manev petermanev at gmail.com
Thu Dec 15 07:33:47 EST 2011


/var/log/suricata.log increases ? - correct?
and in the second case it does not.

thanks

On Thu, Dec 15, 2011 at 1:23 PM, Delta Yeh <delta.yeh at gmail.com> wrote:

> Ah, sorry. A stupid copy and paste mistake when I compile this mail.
> I confirm  both tests use the same config file /etc/suricata/suricata.yaml.
>
>
> Peter,
>   Yes, suricata create the log file, but after startup no log anymore.
>
> Without -D option ,I can see log file increased,
> With -D option, only the logs of startup.
>
>
> 2011/12/15 Victor Julien <victor at inliniac.net>:
> > On 12/15/2011 12:55 PM, Delta Yeh wrote:
> >> When run suricata with:
> >>   src/.libs/suricata  -c /etc/suricata/suricata.yaml  -i eth0
> >>
> >> I can see logs.
> >>
> >> When run suricata with:
> >>
> >>  src/.libs/suricata  -c /secone/websensor/conf/websensor.yaml  -D -i
> eth0
> >>
> >> I can't see logs.
> >
> > You're using different configs here, are you sure
> > /secone/websensor/conf/websensor.yaml has the logging enabled?
> >
> > --
> > ---------------------------------------------
> > Victor Julien
> > http://www.inliniac.net/
> > PGP: http://www.inliniac.net/victorjulien.asc
> > ---------------------------------------------
> >
> > _______________________________________________
> > Oisf-users mailing list
> > Oisf-users at openinfosecfoundation.org
> > http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>



-- 
Peter Manev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20111215/dada81b0/attachment-0001.html


More information about the Oisf-users mailing list