[Oisf-users] No output module named eve-log, ignoring, 2.0dev (rev 18edec8)
Tom DeCanio
decanio.tom at gmail.com
Mon Feb 10 17:46:44 UTC 2014
Does your build environment contain libjansson? Without libjansson you
won't get JSON output support. See libjansson: below.
Suricata Configuration:
AF_PACKET support: yes
PF_RING support: no
NFQueue support: no
IPFW support: no
DAG enabled: no
Napatech enabled: no
Unix socket enabled: yes
libnss support: yes
libnspr support: yes
libjansson support: yes
Prelude support: no
PCRE jit: yes
libluajit: no
libgeoip: no
Non-bundled htp: no
Old barnyard2 support: no
CUDA enabled: no
Suricatasc install: yes
Unit tests enabled: no
Debug output enabled: no
Debug validation enabled: no
Profiling enabled: no
Profiling locks enabled: no
On Mon, Feb 10, 2014 at 4:50 PM, Peter Manev <petermanev at gmail.com> wrote:
> On Mon, Feb 10, 2014 at 5:37 PM, Stefan Sabolowitsch
> <Stefan.Sabolowitsch at felten-group.com> wrote:
> > Hi all,
> > have here 2.0dev (rev 18edec8) and want to test the new "eve-log" json
> output file format, however i get this Warning.
> >
> > [29739] 10/2/2014 -- 16:18:55 - (runmodes.c:580) <Warning>
> (RunModeInitializeOutputs) -- [ERRCODE: SC_ERR_INVALID_ARGUMENT(13)] No
> output module named eve-log, ignoring
> >
> > thanks for any help.
> > Stefan
>
>
>
> What does your yaml section for eve-log look like?
>
>
> --
> Regards,
> Peter Manev
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> OISF: http://www.openinfosecfoundation.org/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20140210/376e3205/attachment-0002.html>
More information about the Oisf-users
mailing list