[Oisf-users] About Suricata http.log

Mesra.net CEO admin at mesra.my
Tue Sep 16 05:34:45 UTC 2014

Dear All,

I’m running Suricata 1.4.1 on my bridge server and I run below command:

/usr/bin/suricata -c /etc/suricata/suricata.yaml -q 0 –D

The problem is, I can see the Suricata is running on 
/var/log/suricata/fast.log, but on /var/log/suricata/httpd.log is only show 

09/16/2014-13:11:55.151757 xxx.xxx.xxx.xxx [**] / [**] check_http/v1.4.15 
(nagios-plugins 1.4.15) [**] xxx.xxx.xxx.xxx:55052 –> xxx.xxx.xxx.xxx:80
09/16/2014-13:16:55.231009 xxx.xxx.xxx.xxx [**] / [**] check_http/v1.4.15 
(nagios-plugins 1.4.15) [**] xxx.xxx.xxx.xxx:55107 –> xxx.xxx.xxx.xxx:80

For sure on suricata.yaml is already:

- http-log:
    enabled: yes
    filename: http.log
    append: yes

So the problem is if I run the Suricata without run as daemon, the http.log 
will show in full detail, so how I can make the http.log show in full detail 
when run as daemon?

Please advice and Thank you so much.

More information about the Oisf-users mailing list