[Oisf-users] No output module named eve-log, ignoring, 2.0dev (rev 18edec8)

Tom DeCanio decanio.tom at gmail.com
Mon Feb 10 17:46:44 UTC 2014


Does your build environment contain libjansson?  Without libjansson you
won't get JSON output support.  See libjansson: below.

Suricata Configuration:
  AF_PACKET support:                       yes
  PF_RING support:                         no
  NFQueue support:                         no
  IPFW support:                            no
  DAG enabled:                             no
  Napatech enabled:                        no
  Unix socket enabled:                     yes

  libnss support:                          yes
  libnspr support:                         yes
  libjansson support:                      yes
  Prelude support:                         no
  PCRE jit:                                yes
  libluajit:                               no
  libgeoip:                                no
  Non-bundled htp:                         no
  Old barnyard2 support:                   no
  CUDA enabled:                            no

  Suricatasc install:                      yes

  Unit tests enabled:                      no
  Debug output enabled:                    no
  Debug validation enabled:                no
  Profiling enabled:                       no
  Profiling locks enabled:                 no



On Mon, Feb 10, 2014 at 4:50 PM, Peter Manev <petermanev at gmail.com> wrote:

> On Mon, Feb 10, 2014 at 5:37 PM, Stefan Sabolowitsch
> <Stefan.Sabolowitsch at felten-group.com> wrote:
> > Hi all,
> > have here 2.0dev (rev 18edec8) and want to test the new "eve-log" json
> output file format, however i get this Warning.
> >
> > [29739] 10/2/2014 -- 16:18:55 - (runmodes.c:580) <Warning>
> (RunModeInitializeOutputs) -- [ERRCODE: SC_ERR_INVALID_ARGUMENT(13)] No
> output module named eve-log, ignoring
> >
> > thanks for any help.
> > Stefan
>
>
>
> What does your yaml section for eve-log look like?
>
>
> --
> Regards,
> Peter Manev
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> OISF: http://www.openinfosecfoundation.org/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20140210/376e3205/attachment-0002.html>


More information about the Oisf-users mailing list