[Oisf-users] Don't need no stinking logs
Peter Manev
petermanev at gmail.com
Wed Dec 12 21:19:00 UTC 2018
On Wed, Dec 12, 2018 at 9:41 PM James Moe <jimoe at sohnen-moe.com> wrote:
>
> On 12/12/2018 6.14 AM, Peter Manev wrote:
>
> > Are you still experiencing issue with the logs creation ?
> >
> Suricata version 4.1.0 RELEASE
>
> Yes. In particular <stats.log> seems to be the most likely to fail to
> rollover. I have been tracking this only sporadically; today, both
rollover - you mean logrotate ? or when suricata is restarted it
doesn't not repopulate ?
> stats.log and dns.log have a size of 0 (zero). fast.log and eve.json
> reliably start correctly.
> Suricata is restarted every day rather than just have the rules
> reloaded. Logs are more likely to fail with a reload than a restart.
> Nevertheless, that pesky stats.log ...
>
> --
> James Moe
> moe dot james at sohnen-moe dot com
> 520.743.3936
> Think.
>
>
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/
--
Regards,
Peter Manev
More information about the Oisf-users
mailing list