[Oisf-users] suricata.log is not created when suricata starts
Peter Manev
petermanev at gmail.com
Thu Nov 10 16:23:09 UTC 2011
Hi Carlo,
The problem is that
""
logging:
default-log-level: info
*default-output-filter:
outputs:*
- console:
enabled: no
- file:
enabled: yes
filename: /var/log/suricata.log
- syslog:
enabled: no
facility: local5
format: "[%i] <%d> -- "
""
The bolded text above is out of place... it should be
""
logging:
  default-log-level: info
  default-output-filter:
  outputs: # NOTE no "default-output-filter" and "outputs" start at the same position
  - console:
      enabled: no
  - file:
      enabled: yes
      filename: /var/log/suricata.log
  - syslog:
      enabled: no
      facility: local5
      format: "[%i] <%d> -- "
""
The yaml should be edited as it is, in order not to get funny results like
this one.
Hope it helps!
thanks
On Thu, Nov 10, 2011 at 4:01 PM, carlopmart <carlopmart at gmail.com> wrote:
> On 11/10/2011 03:47 PM, Peter Manev wrote:
> > how do you start suricata?
> > Do you use the same yaml as you shared before?
> >
> > thanks
> >
>
> Yes. Command line:
>
> "suricata -D -c /data/config/etc/suricata/suricata.yaml -i eth8 -F
> /data/config/etc/suricata/bpf.conf --pidfile /var/run/suricata.pid"
>
> --
> CL Martinez
> carlopmart {at} gmail {d0t} com
--
Peter Manev
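
Added example (not part of the original message and not Suricata code): a stdlib-only Python check that "default-output-filter" and "outputs" start in the same column under "logging:", as the reply describes. The function name and both sample configs are constructed; the original poster's exact indentation is not preserved in this archive, so BAD is only one possible misindentation.

```python
import re

# Matches "key:" mapping lines; comments and "- item:" list entries do not match.
KEY = re.compile(r"^([ \t]*)([A-Za-z0-9_-]+):")

def check_logging_layout(yaml_text):
    """Return a list of indentation problems in the top-level 'logging' block."""
    keys, in_logging = [], False          # keys: (name, indent width) inside 'logging'
    for raw in yaml_text.splitlines():
        m = KEY.match(raw)
        if m is None:
            continue
        indent, name = m.groups()
        if indent == "":                  # a top-level key opens or closes the block
            in_logging = (name == "logging")
        elif in_logging:
            if "\t" in indent:
                return [f"tab used to indent '{name}'; YAML indentation must be spaces"]
            keys.append((name, len(indent)))
    if not keys:
        return ["no 'logging' block with child keys found"]
    ref_name, ref_indent = keys[0]        # first key under 'logging' sets the column
    found = dict(keys)
    problems = []
    for name in ("default-output-filter", "outputs"):
        if name in found and found[name] != ref_indent:
            problems.append(f"'{name}' starts at column {found[name]}, "
                            f"expected {ref_indent} like '{ref_name}'")
    if "outputs" not in found:
        problems.append("'outputs' key missing from 'logging'")
    return problems

# Constructed samples. GOOD follows the corrected layout from the reply.
GOOD = """logging:
  default-log-level: info
  default-output-filter:
  outputs:
  - file:
      enabled: yes
      filename: /var/log/suricata.log
"""
# BAD is a constructed misindentation: 'outputs' pushed two columns right of its siblings.
BAD = GOOD.replace("  outputs:", "    outputs:")

if __name__ == "__main__":
    for label, text in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, check_logging_layout(text) or "ok")
```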