[Oisf-users] Each worker with a eve.json
David Decker
x.faith at gmail.com
Mon Sep 16 15:29:12 UTC 2019
So this might sound off but trying to figure this out.
I have a machine with 2 "eve.jsons", one under suricata at 0 and another at
suricata at 1. I was told this was due to the amount of workers allocated to
suricata. I cant seem to find any information on this type of setup, and
wanted to see if I can get some info to try and narrow it down.
Is there a way to see how many workers are allocated? And from there
which get sent to which suricata eve.json.
I believe I only see one suricata.yaml file as of right now. Any other
information needed I can try and provide.
X
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20190916/c1a1d485/attachment.html>
More information about the Oisf-users
mailing list