[Oisf-users] Issues with suricata eve.json datagram logging?
Cooper F. Nelson
cnelson at ucsd.edu
Wed May 24 22:26:43 UTC 2017
That did it and thanks for your quick reply, I'm under a deadline.
Re: syslog-ng, as long as it starts before suri does it works.
-Coop
On 5/24/2017 3:18 PM, Jason Ish wrote:
> Try "filetype" here instead of "type".
>
>>> filename: suri_eve.sock
>>
>> However I'm getting this error in the suricata logs:
>>
>>> [ERRCODE: SC_ERR_FOPEN(44)] - Error opening file:
>>> "/home/suri/suri_eve.sock": No such device or address
>>
>> Suricata is built with socket support.
>>
>> Any ideas?
>
> Also make sure the socket file exists. It's the receiver's job, so in this
> case syslog-ng to create the socket file.
>
> Jason
--
Cooper Nelson
IT Security - Information Technology Services
University of California San Diego
(858) 534-6487 - cnelson at ucsd.edu
https://cybersecurity.ucsd.edu
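
Added example, not part of the original thread and not Suricata or syslog-ng code: a minimal Python receiver standing in for syslog-ng shows why the receiver has to exist first, and that opening a socket path as an ordinary file produces the "No such device or address" text quoted above. The temporary socket path and the JSON event are constructed for the illustration.

```python
import errno
import json
import os
import socket
import tempfile


def demo():
    """Bind a Unix datagram receiver and exercise its path three ways."""
    result = {}
    with tempfile.TemporaryDirectory() as tmp:
        # Constructed path; the thread uses /home/suri/suri_eve.sock.
        sock_path = os.path.join(tmp, "suri_eve.sock")

        # Before the receiver starts there is no socket file to connect to.
        sender = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
        try:
            sender.connect(sock_path)
        except OSError as exc:
            result["connect_before_bind"] = errno.errorcode[exc.errno]

        # The receiver creates the socket file by binding to the path.
        receiver = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
        receiver.bind(sock_path)
        os.chmod(sock_path, 0o660)  # limit who may write events to it
        receiver.settimeout(2.0)

        # Opening the socket path like a regular log file is refused by the
        # kernel; on Linux the error is ENXIO, "No such device or address".
        try:
            open(sock_path, "a").close()
        except OSError as exc:
            result["open_as_file"] = errno.errorcode[exc.errno]

        # With the receiver bound, a datagram sender can deliver one JSON
        # event per datagram.
        event = {"event_type": "alert", "src_ip": "192.0.2.10"}  # constructed
        sender.connect(sock_path)
        sender.send(json.dumps(event).encode())
        data, _ = receiver.recvfrom(65535)
        result["received"] = json.loads(data)

        sender.close()
        receiver.close()
    return result


if __name__ == "__main__":
    print(demo())
```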