[Oisf-users] A few questions about logging.

Cooper F. Nelson cnelson at ucsd.edu
Tue Aug 5 03:32:44 UTC 2014


Yup, I don't understand named pipes.  You need to attach the consumer
process to all the pipes first before starting suricata, otherwise it
will block the process.

On 8/4/2014 1:03 PM, Cooper F. Nelson wrote:
> 
> This sort of worked in that I could get a bit of data out of the named
> pipes, but suricata would then wedge and stop processing packets.  I
> tried all the different filetypes, nothing worked as expected.
> 
> It could be I don't understand something about named pipes on linux, as
> I don't have much experience using them.  Is it possible given that the
> named pipes are 0 bytes in size that suricata gets confused trying to
> monitor them?

-- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
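
The ordering problem described in this message, as an added example that is not part of the original post and is not Suricata code: a check, run before the writer starts, that reports which named pipes have no consumer attached yet. The function names and the pipe names are hypothetical, and the pipes are created in a temporary directory for the demonstration.

```python
import errno
import os
import stat
import tempfile


def fifo_has_reader(path):
    """True if some process already holds the FIFO at `path` open for reading."""
    if not stat.S_ISFIFO(os.stat(path).st_mode):
        raise ValueError(f"{path} is not a named pipe")
    try:
        # A plain O_WRONLY open blocks until a reader attaches; with
        # O_NONBLOCK the kernel returns ENXIO instead of blocking.
        fd = os.open(path, os.O_WRONLY | os.O_NONBLOCK)
    except OSError as exc:
        if exc.errno == errno.ENXIO:
            return False
        raise
    # Closing this probe delivers EOF to the reader if no other writer is
    # attached, so use it only with consumers that reopen the pipe on EOF.
    os.close(fd)
    return True


def unattached_fifos(paths):
    """Pipes that would block a writer's open() because nothing reads them."""
    return [p for p in paths if not fifo_has_reader(p)]


def demo():
    """Attach readers one at a time and report what is still unattached."""
    with tempfile.TemporaryDirectory() as tmp:
        # Constructed pipe names, not taken from any real configuration.
        pipes = [os.path.join(tmp, n) for n in ("fast.pipe", "http.pipe")]
        for p in pipes:
            os.mkfifo(p, 0o600)
        stages, readers = [], []
        stages.append(unattached_fifos(pipes))      # no consumer yet
        for p in pipes:
            # A non-blocking read-only open succeeds without a writer.
            readers.append(os.open(p, os.O_RDONLY | os.O_NONBLOCK))
            stages.append(unattached_fifos(pipes))
        for fd in readers:
            os.close(fd)
        return [[os.path.basename(p) for p in s] for s in stages]


if __name__ == "__main__":
    print(demo())
```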