[Oisf-users] log to file does not work if suricata run as daemon
Peter Manev
petermanev at gmail.com
Thu Dec 15 07:33:47 EST 2011
/var/log/suricata.log increases ? - correct?
and in the second case it does not.
thanks
On Thu, Dec 15, 2011 at 1:23 PM, Delta Yeh <delta.yeh at gmail.com> wrote:
> Ah, sorry. A stupid copy and paste mistake when I compile this mail.
> I confirm both tests use the same config file /etc/suricata/suricata.yaml.
>
>
> Peter,
> Yes, suricata create the log file, but after startup no log anymore.
>
> Without -D option ,I can see log file increased,
> With -D option, only the logs of startup.
>
>
> 2011/12/15 Victor Julien <victor at inliniac.net>:
> > On 12/15/2011 12:55 PM, Delta Yeh wrote:
> >> When run suricata with:
> >> src/.libs/suricata -c /etc/suricata/suricata.yaml -i eth0
> >>
> >> I can see logs.
> >>
> >> When run suricata with:
> >>
> >> src/.libs/suricata -c /secone/websensor/conf/websensor.yaml -D -i
> eth0
> >>
> >> I can't see logs.
> >
> > You're using different configs here, are you sure
> > /secone/websensor/conf/websensor.yaml has the logging enabled?
> >
> > --
> > ---------------------------------------------
> > Victor Julien
> > http://www.inliniac.net/
> > PGP: http://www.inliniac.net/victorjulien.asc
> > ---------------------------------------------
> >
> > _______________________________________________
> > Oisf-users mailing list
> > Oisf-users at openinfosecfoundation.org
> > http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
--
Peter Manev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20111215/dada81b0/attachment-0001.html
More information about the Oisf-users
mailing list