[Oisf-users] log to file does not work if suricata run as daemon
Delta Yeh
delta.yeh at gmail.com
Thu Dec 15 13:01:37 UTC 2011
Sorry, my fault.
log to file works as expected in daemon mode.
I can't reproduce it anymore.
2011/12/15 Peter Manev <petermanev at gmail.com>:
> /var/log/suricata.log increases ? - correct?
> and in the second case it does not.
>
> thanks
>
>
> On Thu, Dec 15, 2011 at 1:23 PM, Delta Yeh <delta.yeh at gmail.com> wrote:
>>
>> Ah, sorry. A stupid copy and paste mistake when I compile this mail.
>> I confirm both tests use the same config file
>> /etc/suricata/suricata.yaml.
>>
>>
>> Peter,
>> Yes, suricata create the log file, but after startup no log anymore.
>>
>> Without -D option ,I can see log file increased,
>> With -D option, only the logs of startup.
>>
>>
>> 2011/12/15 Victor Julien <victor at inliniac.net>:
>> > On 12/15/2011 12:55 PM, Delta Yeh wrote:
>> >> When run suricata with:
>> >> src/.libs/suricata -c /etc/suricata/suricata.yaml -i eth0
>> >>
>> >> I can see logs.
>> >>
>> >> When run suricata with:
>> >>
>> >> src/.libs/suricata -c /secone/websensor/conf/websensor.yaml -D -i
>> >> eth0
>> >>
>> >> I can't see logs.
>> >
>> > You're using different configs here, are you sure
>> > /secone/websensor/conf/websensor.yaml has the logging enabled?
>> >
>> > --
>> > ---------------------------------------------
>> > Victor Julien
>> > http://www.inliniac.net/
>> > PGP: http://www.inliniac.net/victorjulien.asc
>> > ---------------------------------------------
>> >
>> > _______________________________________________
>> > Oisf-users mailing list
>> > Oisf-users at openinfosecfoundation.org
>> > http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>> _______________________________________________
>> Oisf-users mailing list
>> Oisf-users at openinfosecfoundation.org
>> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
>
>
>
> --
> Peter Manev
More information about the Oisf-users
mailing list