[Oisf-users] rule profiling question - no log files created

Konrad Weglowski konrad.weglowski at gmail.com
Tue Jan 15 20:39:44 UTC 2019

Hey Andreas,

I did double check with "--build-info" command that it is enabled and log
dir is set correct/writable - other logs get written there no problem
(alerts,stats, etc)

build-info related output:
  Profiling enabled:                       yes
  Profiling locks enabled:                 no

Below is command to run suricata used:

suricata --pfring-int=p4p1 --pfring-cluster-id=98
--pfring-cluster-type=cluster_flow --pidfile /var/run/suricata.pid

Do I need anything added under "outputs" section? Currently we use eve-log
format for alerts and stats which is configured there.



On Tue, Jan 8, 2019 at 3:30 PM Andreas Herz <andi at geekosphere.org> wrote:

> Hi Konrad,
> On 08/01/19 at 15:01, Konrad Weglowski wrote:
> > Hello,
> >
> > I would like to enable rule profiling for tuning purposes. Suricata has
> > been compiled with profiling option and below config is in the
> > suricata.yaml. None of the log files are being created however...do you
> > know what can be possibly missing here?
> Did you double check if it's enabled when you pass '--build-info'?
> How do you start/run suricata?
> The log dir is set correct and writeable?
> Greetings
> --
> Andreas Herz
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20190115/8cb10681/attachment.html>

More information about the Oisf-users mailing list