[Oisf-users] Disabled console logging but Suricata still outputs messages
Duarte Silva
duarte.silva at serializing.me
Wed May 1 12:26:23 UTC 2013
On Wednesday 01 May 2013 14:08:42 Victor Julien wrote:
> On 05/01/2013 12:31 PM, Duarte Silva wrote:
> > That means losing the "[ OK ]" part of the messages.
>
> Not necessarily. If you only redirect suricata's output you'll still get
> whatever output the script generates. Suricata doesn't print the "OK",
> it's your script that does that.
Hmmm, that is true. I just have to figure out how the daemon function (if it is
a function anyway) works so that I'm able to redirect only suricata and not
the whole thing.
>
> > On 1 May 2013 09:06, "Victor Julien" <lists at inliniac.net> wrote:
> > On 04/30/2013 07:04 PM, Duarte Silva wrote:
> > > I have disabled the console output and enabled the file output,
> > > but while I'm starting suricata using a init script I still get
> > > output from it.
> > >
> > > # /etc/init.d/suricata start
> > > Starting Suricata IDS (suricata): 30/4/2013 -- 17:43:56 - <Info> - This is Suricata version 1.4.1 RELEASE
> > > 30/4/2013 -- 17:43:56 - <Info> - CPUs/cores online: 2
> > > 30/4/2013 -- 17:43:56 - <Info> - Found an MTU of 1500 for 'eth1'
> >
> > I think these messages are generated before we read the yaml, so they
> > won't be affected by its setting.
> >
> > Think you'll have to redirect the output to /dev/null to suppress it.
> >
> > --
> > ---------------------------------------------
> > Victor Julien
> > http://www.inliniac.net/
> > PGP: http://www.inliniac.net/victorjulien.asc
> > ---------------------------------------------
> >
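Added example, not part of the original thread and not the init script under discussion: a sketch of attaching the redirection to the daemon command alone, so the script's own status text survives and the exit status still drives the "[ OK ]" line. `fake_suricata` and `start_ids` are hypothetical names; the stand-in replaces the real binary so the block runs offline.

```shell
#!/bin/sh
# Constructed stand-in for the suricata binary: prints the kind of early
# <Info> lines quoted in the thread and exits with the status given as $1.
fake_suricata() {
    echo "30/4/2013 -- 17:43:56 - <Info> - CPUs/cores online: 2"
    echo "30/4/2013 -- 17:43:56 - <Info> - Found an MTU of 1500 for 'eth1'" >&2
    return "${1:-0}"
}

# start_ids SINK CMD [ARGS...]
# Runs CMD with stdout and stderr appended to SINK (/dev/null or a file).
# The redirection belongs to that one command, so the status text printed
# by the script itself still reaches the terminal.
start_ids() {
    sink=$1
    shift
    printf 'Starting Suricata IDS (suricata): '
    if "$@" >>"$sink" 2>&1; then
        echo '[  OK  ]'
    else
        rc=$?            # exit status of the redirected command
        echo '[FAILED]'
        return "$rc"
    fi
}

# Demo: only the status line appears; the <Info> lines are discarded.
start_ids /dev/null fake_suricata 0
```

Pointing SINK at a file instead of /dev/null keeps the early startup messages available for troubleshooting.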