[Oisf-users] Not writing to http.log
Brian Hennigar
bhennigar at gmail.com
Fri Oct 28 13:43:05 UTC 2016
I was able to solve this using this older issue
https://redmine.openinfosecfoundation.org/issues/1291 (the
redmine.openinfosecfoundation.org site wasn't accessible last night)
Once I enabled the async-oneside: true, it started logging to http.log.
Thanks!
On Thu, Oct 27, 2016 at 6:25 PM, Andreas Herz <andi at geekosphere.org> wrote:
> On 27/10/16 at 17:46, Brian Hennigar wrote:
> > Hi,
> > I'm running suricata 3.1.2 and everything is working great except that it
> > is not writing anything to http.log. When suricata starts, the file is
> > created however it is empty. Other log files are being written to.
> > (dns.log, eve.json, fast.log, alert-debug.log, etc)
> >
> > I have it enabled in the yaml
> > - http-log:
> >     enabled: yes
> >     filename: http.log
> >     append: yes
> >
> > And in suricata.log, it initializes it
> > <Info> - http-log output device (regular) initialized: http.log
> >
> > Running in IDS mode. This configuration has worked for me in the past.
>
> So the only change was an update to 3.1.2?
> From what version did you update?
>
> Do you have an example in a pcap with which you can reproduce it?
>
> --
> Andreas Herz
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> Suricata User Conference November 9-11 in Washington, DC:
> http://suricon.net
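
Where the setting from the reply above lives in suricata.yaml, shown as an added example that is not part of the original thread. `async-oneside` belongs to the `stream` section and is off by default; the surrounding keys are a trimmed sketch and not the poster's actual file, and the comment about one-sided traffic describes what the option is for, not a cause confirmed in the thread.

```yaml
# suricata.yaml (trimmed sketch: only the keys relevant to this thread)

outputs:
  # Unchanged from the original post: the logger was already enabled and
  # initialized, so the output section was not the problem.
  - http-log:
      enabled: yes
      filename: http.log
      append: yes

stream:
  # Before (default): the stream engine expects to see both directions of a
  # TCP session. If the sensor only receives one side (asymmetric routing,
  # a one-directional tap or SPAN), sessions are not tracked as established,
  # no HTTP transactions are produced, and http.log stays empty.
  # async-oneside: false

  # After: track and reassemble sessions even when only one direction of
  # the connection is visible to the sensor.
  async-oneside: true
```

After restarting Suricata, `suricata --dump-config` lists the effective value of `stream.async-oneside`, which confirms the running configuration picked up the change.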