[Oisf-users] Disabled console logging but Suricata still outputs messages

Duarte Silva duarte.silva at serializing.me
Wed May 1 12:26:23 UTC 2013


On Wednesday 01 May 2013 14:08:42 Victor Julien wrote:
> On 05/01/2013 12:31 PM, Duarte Silva wrote:
> > That means loosing the "[ OK ]" part of the messages.
> 
> Not necessarily. If you only redirect suricata's output you'll still get
> whatever output the script generates. Suricata doesn't print the "OK",
> it's your script that does that.

Hmmm, that is true. I just have to figure out how the daemon function (if it is 
a function anyway) wiorks so that I'm able only to redirect suricata and not 
the all thing.

> 
> > On 1 May 2013 09:06, "Victor Julien" <lists at inliniac.net
> > 
> > <mailto:lists at inliniac.net>> wrote:
> >     On 04/30/2013 07:04 PM, Duarte Silva wrote:
> >     > I have disabled the console output and enabled the file output,
> >     
> >     but while I'm
> >     
> >     > starting suricata using a init script I still get output from it.
> >     > 
> >     > # /etc/init.d/suricata start
> >     > Starting Suricata IDS (suricata): 30/4/2013 -- 17:43:56 - <Info> -
> >     
> >     This is
> >     
> >     > Suricata version 1.4.1 RELEASE
> >     > 30/4/2013 -- 17:43:56 - <Info> - CPUs/cores online: 2
> >     > 30/4/2013 -- 17:43:56 - <Info> - Found an MTU of 1500 for 'eth1'
> >     
> >     I think these messages are generated before we read the yaml, so they
> >     won't be affected by it's setting.
> >     
> >     Think you'll have to redirect the output to /dev/null to suppress it.
> >     
> >     --
> >     ---------------------------------------------
> >     Victor Julien
> >     http://www.inliniac.net/
> >     PGP: http://www.inliniac.net/victorjulien.asc
> >     ---------------------------------------------
> >     
> >     _______________________________________________
> >     Suricata IDS Users mailing list:
> >     oisf-users at openinfosecfoundation.org
> >     <mailto:oisf-users at openinfosecfoundation.org>
> >     Site: http://suricata-ids.org | Support:
> >     http://suricata-ids.org/support/
> >     List:
> >     https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> >     OISF: http://www.openinfosecfoundation.org/



More information about the Oisf-users mailing list