[Oisf-users] Verifying live rule reload? suricata.log stops spooling after rotation?

Peter Manev petermanev at gmail.com
Wed Aug 24 07:15:10 UTC 2016


On Tue, Aug 23, 2016 at 11:54 PM, John Daly <longjohngolf at gmail.com> wrote:
> Hi all,
>
> Reaching out to understand how to verify that Suricata has had the live rule
> swap completed successfully. Is there any other way than checking the
> 'suricata.log'?
>
> I ask because after Suricata runs for a log rotation period, messages no
> longer show up in the Suricata log.

What messages are those? Can you share an example?

>
> I'm running Suricata 3.0.1.

Is it the same with 3.1.1?

>
> Thanks!
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> Suricata User Conference November 9-11 in Washington, DC:
> http://oisfevents.net



-- 
Regards,
Peter Manev


