[Oisf-users] Suricata process goes down from time to time
C. L. Martinez
carlopmart at gmail.com
Wed Jun 12 07:40:58 UTC 2013
On Wed, Jun 12, 2013 at 7:39 AM, Peter Manev <petermanev at gmail.com> wrote:
>
>
>
> On Wed, Jun 12, 2013 at 9:29 AM, C. L. Martinez <carlopmart at gmail.com>
> wrote:
>>
>> >> >>
>> >> maximum: 16777216
>> >> 12/6/2013 -- 05:48:29 - <Info> - cleaning up signature grouping
>> >> structure... complete
>> >>
>> >> suricata process doesn't stops ... It seems the problem only appears
>> >> when I run suricata in daemonized mode ...
>> >
>> >
>> > 1. I see a "live rule swap" - could you try running it without the live
>> > swaps?
>> > 2. what does suricata.log say when you run it in daemon mode and it
>> > stops?
>> >
>> > thanks
>> >>
>>
>> 1.- Ok, I will disable rules update
>> 2.- I think it is normal stop:
>>
>>
>>
>> 12/6/2013 -- 06:57:48 - <Info> - all 2 packet processing threads, 3
>> management threads initialized, engine started.
>> 12/6/2013 -- 06:57:49 - <Info> - No packets with invalid checksum,
>> assuming checksum offloading is NOT used
>> 12/6/2013 -- 07:28:56 - <Info> - Signal Received. Stopping engine.
>> 12/6/2013 -- 07:28:56 - <Info> - 0 new flows, 0 established flows were
>> timed out, 0 flows in closed state
>>
>
> It looks like a normal stop signal...
> Are you sure there are no cronjobs/scripts running?
>
Yes, I am sure. The only cronjob installed in this host is for rules
updates (the previous live rules swap that you see).
More information about the Oisf-users
mailing list