[Oisf-users] Don't need no stinking logs
Peter Manev
petermanev at gmail.com
Mon Dec 17 08:28:47 UTC 2018
> On 14 Dec 2018, at 21:02, James Moe <jimoe at sohnen-moe.com> wrote:
>
>> On 14/12/2018 5.44 AM, Peter Manev wrote:
>>
>> I may have missed it somewhere else but not sure if you have the HUP
>> routine in the logrotation -
>>
> I removed it since re-population of the logs was less likely than
> after restart. And suricata is restarted daily after every rule update.
>
Yes but if you have logrotate and don’t send HUP that can result in the behavior you describe (even if Suricata is restarted it is done during diff time i suspect ?).
Thanks
> --
> James Moe
> moe dot james at sohnen-moe dot com
> 520.743.3936
> Think.
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/
More information about the Oisf-users
mailing list