Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
Need help with 18.1.4 Suricata changes
« previous
next »
Print
Pages: [
1
]
Author
Topic: Need help with 18.1.4 Suricata changes (Read 1947 times)
SecAficionado
Newbie
Posts: 39
Karma: 3
Need help with 18.1.4 Suricata changes
«
on:
March 13, 2018, 12:59:53 am »
Hi,
After the 18.1.4 update, suricata complains about syslogd. The log tab under IPS has never shown any entries other than "/var/log/suricata.log yielded no results". However, now I am getting an error with
red letters
!
In the release notes there is an item:
* intrusion detection: proper syslog with drops, requires log file reset
Are the two items related? Any directions on how to help suricata use /var/log/suricata.log and how to reset the log file are welcome.
Thanks!
«
Last Edit: March 13, 2018, 02:44:33 am by SecAficionado
»
Logged
franco
Administrator
Hero Member
Posts: 13695
Karma: 1177
Re: Need help with 18.1.4 Suricata changes
«
Reply #1 on:
March 14, 2018, 06:31:13 pm »
What's your red letter alert if you don't mind sharing?
Yes, reset IDS log file and enable Syslog mode in IDS settings.
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
Need help with 18.1.4 Suricata changes
