[Oisf-users] Properly testing Suricata for alerts

419telegraph298 at protonmail.com
Tue Feb 12 16:44:16 UTC 2019


I was able to get Suricata's autoupdate system to work but am now having issues getting alerts generated. Despite going on [checkmyids.com](http://checkmyids.com/), using Tor, and running wget [testmyids.com](http://testmyids.com/) and nmap from my Pi with Suricata on it, nothing has been added to alerts:

drwxr-xr-x 10 root root      4096 Feb  8 04:32 BriarIDS
-rw-r-----  1 root root  25209352 Feb 12 16:42 eve.json
-rw-r-----  1 root root 140588547 Feb 11 06:25 eve.json.1
-rw-r-----  1 root root    315811 Feb  3 06:25 eve.json.2.gz
-rw-r-----  1 root root         0 Feb 11 06:25 fast.log
-rw-r-----  1 root root         0 Feb 11 06:25 fast.log.1
-rw-r-----  1 root root        20 Feb  1 13:17 fast.log.2.gz
-rw-r--r--  1 root root        39 Jan 15  2007 index.html
-rw-r-----  1 root root  13408670 Feb 12 16:42 stats.log
-rw-r-----  1 root root  74700748 Feb 11 06:25 stats.log.1
-rw-r-----  1 root root    212177 Feb  3 06:25 stats.log.2.gz
-rw-r--r--  1 root root       224 Feb 12 06:27 suricata.log
-rw-r--r--  1 root root      1345 Feb 11 06:25 suricata.log.1
-rw-r--r--  1 root root       487 Feb  2 06:26 suricata.log.2.gz

Is this a permissions issue? When I had a previous install of Suricata, I was able to see the alerts generated when I ran Tor. Should I just start adding rules to the config file to try to create sample alerts?

Sent from [ProtonMail](https://protonmail.ch), encrypted email based in Switzerland.
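The listing in the post shows eve.json being written and rotated while fast.log stays at 0 bytes, so the first thing to establish is what eve.json actually contains: Suricata writes stats, flow, dns and http records into it as well as alerts, and a growing file does not by itself mean any rule fired. The script below is an added example and is not code from the original post or from the Suricata project. It counts eve.json records by event_type, lists any alert records with their sid and 5-tuple, and turns the counts into the practical diagnosis (nothing logged at all, logging but no rule fired, or alerts present but not reaching fast.log). The embedded sample records are constructed; the IPs, ports, timestamps and flow ids are made up, and the sid 2100498 / "GPL ATTACK_RESPONSE id check returned root" signature is the rule normally cited as the one testmyids.com is meant to trigger. Run it against the real file with `python3 eve_alert_check.py /var/log/suricata/eve.json`.

```python
#!/usr/bin/env python3
"""Summarise a Suricata eve.json: records per event_type, and the alerts if any.
Added example, not OISF code. Usage: python3 eve_alert_check.py [/path/to/eve.json]
"""
import json
import sys
from collections import Counter

# Constructed sample EVE JSON lines (one record per line, as Suricata writes them):
# a stats record, a flow record, one alert, and a truncated/garbage line that a
# rotated or partially written file can contain. Values are made up.
SAMPLE_EVE = [
    '{"timestamp":"2019-02-12T16:40:01.000000+0000","event_type":"stats","stats":{"uptime":3600}}',
    '{"timestamp":"2019-02-12T16:40:02.000000+0000","flow_id":1,"event_type":"flow",'
    '"src_ip":"192.168.1.20","dest_ip":"192.168.1.1","proto":"UDP"}',
    '{"timestamp":"2019-02-12T16:40:03.000000+0000","flow_id":2,"event_type":"alert",'
    '"src_ip":"198.51.100.10","src_port":80,"dest_ip":"192.168.1.20","dest_port":52344,'
    '"proto":"TCP","alert":{"action":"allowed","gid":1,"signature_id":2100498,"rev":7,'
    '"signature":"GPL ATTACK_RESPONSE id check returned root",'
    '"category":"Potentially Bad Traffic","severity":2}}',
    'this line is not json and must be skipped, not crash the check',
]


def parse_eve(lines):
    """Yield one dict per valid JSON line; skip blank or unparseable lines."""
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except ValueError:
            continue
        if isinstance(rec, dict):
            yield rec


def summarize(lines):
    """Return (Counter of event_type -> count, list of alert summaries)."""
    counts = Counter()
    alerts = []
    for rec in parse_eve(lines):
        et = rec.get("event_type", "unknown")
        counts[et] += 1
        if et == "alert":
            a = rec.get("alert", {})
            alerts.append({
                "timestamp": rec.get("timestamp"),
                "sid": a.get("signature_id"),
                "rev": a.get("rev"),
                "signature": a.get("signature"),
                "src": "%s:%s" % (rec.get("src_ip"), rec.get("src_port")),
                "dest": "%s:%s" % (rec.get("dest_ip"), rec.get("dest_port")),
                "action": a.get("action"),
            })
    return counts, alerts


def sid_fired(alerts, sid):
    """True if an alert with the given signature_id is present."""
    return any(a["sid"] == sid for a in alerts)


def diagnose(counts, alerts):
    """Map the counts onto the three situations that matter when 'nothing alerts'."""
    if not counts:
        return ("eve.json is empty or unparseable: check the eve-log output in "
                "suricata.yaml and the permissions of the log directory")
    if counts.get("alert", 0) == 0:
        return ("sensor is logging (%d non-alert records) but no rule has fired: "
                "check that rules loaded (suricata.log, or run 'suricata -T') and that "
                "the test traffic actually crosses the monitored interface"
                % sum(counts.values()))
    return ("%d alert(s) present; if fast.log is still empty, enable the fast "
            "output in suricata.yaml" % counts["alert"])


def main(argv):
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8", errors="replace") as f:
            counts, alerts = summarize(f)
    else:
        counts, alerts = summarize(SAMPLE_EVE)
    for et, n in counts.most_common():
        print("%-10s %d" % (et, n))
    for a in alerts:
        print("%s sid=%s rev=%s %s -> %s %s"
              % (a["timestamp"], a["sid"], a["rev"], a["src"], a["dest"], a["signature"]))
    print(diagnose(counts, alerts))


if __name__ == "__main__":
    main(sys.argv)
```

The point of counting by event_type rather than grepping for "alert" is that a 25 MB eve.json full of stats and flow records looks healthy from the file size alone; only the alert count tells you whether the rule set is loaded and matching. If that count is zero, the permissions in the listing are not the problem (Suricata is clearly able to write the directory), and the next things to look at are suricata.log for rule-loading errors and whether the test traffic from the Pi actually passes the interface Suricata is sniffing.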