[Oisf-users] Rsyslog suppressed messages from suricata
craig at reswob10.net
Wed Jun 19 13:01:53 UTC 2019
Hi, new to Suricata. I have a new install on CentOS 7 running rsyslog
8.24.0-34.el7 and I have Suricata 4.1.4.
My problem is it appears rsyslog is blocking writing of events to
/var/log/messages because I see no Suricata logs, but many of these
entries:
journal: Suppressed 13475 messages from /system.slice/suricata.service
(the number of suppressed messages changes, but the main message stays
the same)
Is there a particular area of my config I should look at to tweak to fix
this? Does this mean I should migrate to a server with more CPU and/or
RAM?
Thanks
Craig
My other question is this: is there a way to search the archives? I
went to https://lists.openinfosecfoundation.org/pipermail/oisf-users/
but I didn't see a search capability....