[Oisf-users] Not writing to http.log
Andreas Herz
andi at geekosphere.org
Thu Oct 27 21:25:23 UTC 2016
On 27/10/16 at 17:46, Brian Hennigar wrote:
> Hi,
> I'm running suricata 3.1.2 and everything is working great except that it
> is not writing anything to http.log. When suricata starts, the file is
> created however it is empty. Other log files are being written to.
> (dns.log, eve.json, fast.log, alert-debug.log, etc)
>
> I have it enabled in the yaml
> - http-log:
> enabled: yes
> filename: http.log
> append: yes
>
> And in suricata.log, it initializes it
> <Info> - http-log output device (regular) initialized: http.log
>
> Running in IDS mode. This configuration has worked for me in the past.
So the only change was an update to 3.1.2?
>From what version did you update?
Do you have an example within a pcap with that you can reproduce it?
--
Andreas Herz
More information about the Oisf-users
mailing list