[Oisf-users] Unified2 file not growing

Victor Julien lists at inliniac.net
Mon Oct 28 22:19:31 UTC 2013


On 10/28/2013 06:47 PM, Olivier Doisneau wrote:
> I am new to Suricata and not even sure if this is the right place for my question. But in short, I have a server with Suricata installed and running and Barnyard2 to push the logs to the MySQL database. All is working fine, but I am surprised to see the unified2 file is not growing; Barnyard2 is saying waiting for data, but the stats.log is saying that it is moving along. If I stop and restart Suricata, then there is data read by Barnyard2 and successfully pushed out. Is data being written to another location than the directory in yaml for the unified2 file? Am I missing something? I imagined that the logs would continue growing all day.

Is your fast.log enabled as well? Do you get alerts in there? Maybe
there are just no alerts.

-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------



