OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: bunchofreeds on August 10, 2020, 11:29:43 pm

Title: New Logs view in 20.7
Post by: bunchofreeds on August 10, 2020, 11:29:43 pm
Hi,

My Suricata logs seem to be broken into two types within Services>Intrusion Detection>Log File.

The first type is the original detailed information about success of rule downloads and startup of services.
This always appears at the top of the log view.
These can be cleared using the button 'Clear Log' within this view.

The second is more like a set of general Suricata statistics.
This always begins after ALL of the above logs. This also cycles continuously in my case.
These can only be cleared by System>Settings>Logging 'Reset Log Files'.

Is this perhaps to do with a move to syslog-ng?
Just wondering if my setup is broken or are others seeing this too?
Any help to fix would be greatly appreciated.
Ideally I do not need to see the 'stats' logs in my Suricata logs.

I have disabled Circular Logging as I understand this sets OPNsense to use the newer syslog-ng.

I also have loads of these in my General Logs

2020-08-11T09:19:24   syslog-ng[33964]: Destination timeout has elapsed, closing connection; fd='6'
2020-08-11T09:18:24   syslog-ng[33964]: Destination timeout has elapsed, closing connection; fd='6'
2020-08-11T09:17:24   syslog-ng[33964]: Destination timeout has elapsed, closing connection; fd='6'
2020-08-11T09:16:24   syslog-ng[33964]: Destination timeout has elapsed, closing connection; fd='27'
2020-08-11T09:15:32   syslog-ng[33964]: Destination timeout has elapsed, closing connection; fd='6'
2020-08-11T09:14:32   syslog-ng[33964]: Destination timeout has elapsed, closing connection; fd='23'