[Oisf-users] Suricata versions (4.1.2 and 3.1) will not run after initial install on CENTOS 6.10 with SC_ERR_PCRE_COMPILE error
Peter Manev
petermanev at gmail.com
Tue Jan 1 09:14:45 UTC 2019
> On 30 Dec 2018, at 16:57, MATT DOUgherty <doughertysnp at gmail.com> wrote:
>
> I get a PCRE compile error that prevents any other interesting log data. Does anyone have an idea of that the could be?
>
> This is a clean install from source on CENTOS 6.10 with several versions of Suricata. I have snort installed. Is the existing snort install messing it up?
>
>
> [root at newfw suricata-4.1.2]# /usr/bin/suricata -c /etc/suricata/suricata.yaml -i eth1
> 30/12/2018 -- 04:51:07 - <Notice> - This is Suricata version 4.1.2 RELEASE
> 30/12/2018 -- 04:51:07 - <Error> - [ERRCODE: SC_ERR_PCRE_COMPILE(5)] - pcre compile of "\S[0-9A-z_]+[.][A-z0-9_+.]+$" failed at offset 12: POSIX collating elements are not supported
> ____
Do you have the same error if you start/load with 0 rules ? (You can try adding “-S /dev/null” to the starting line, could be rule related I was thinking )
> ___________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20190101/f00ff26a/attachment.html>
More information about the Oisf-users
mailing list