[Oisf-users] Rotated log files created, but logs go to rotated files
Oliver Humpage
oliver at watershed.co.uk
Tue Jun 23 13:27:40 UTC 2015
On 23 Jun 2015, at 14:20, Jeremy MJ <jskier at gmail.com> wrote:
> This may be a file system or logrotate issue, but I noticed that after
> rotating last night at midnight, the new files were created and zero
> length, and suricata was writing to the rotated log file.
Sounds like the HUP isn't being sent to suricata - can you confirm that /var/run/suricata.pid exists and has the correct pid of your suricata process in it?
Might be worth comparing the permissions on the old and new files as well, just to be sure.
Oliver.
More information about the Oisf-users
mailing list