[Oisf-users] Issues with suricata eve.json datagramm logging?

Cooper F. Nelson cnelson at ucsd.edu
Wed May 24 22:26:43 UTC 2017

That did it and thanks for your quick reply, I'm under a deadline.

Re: syslog-ng, as long as it starts before suri does it works.


On 5/24/2017 3:18 PM, Jason Ish wrote:
> Try "filetype" here instead of "type".
>>>        filename: suri_eve.sock
>> However I'm getting this error in the suricata logs:
>>> [ERRCODE: SC_ERR_FOPEN(44)] - Error opening file:
>>> "/home/suri/suri_eve.sock": No such device or address
>> Suricata is built with socket support.
>> Any ideas?
> Also make sure the socket file exists. Its the receivers job, so in this
> case syslog-ng to create the socket file.
> Jason

Cooper Nelson
IT Security - Information Technology Services
University of California San Diego
(858) 534-6487 - cnelson at ucsd.edu

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20170524/7045380e/attachment-0002.sig>

More information about the Oisf-users mailing list