Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Suricata floods system log

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 789 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mrsunfire
      last edited by mrsunfire

      Hi!

      I have setup Suricata for my both WAN connections with pretty standard settings. Added some rules and it works as supposed. But suddenly my main system log gets flooded by log entries from Suricata. Even those that are suppressed.

      I can't find any solution to disable this. Only complete disable logging in Suricata, but then I dont see any blocks in the firewall log. Any ideas?

      alt text

      Netgate 6100 MAX

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Suricata will only log to the system log if you set it to do so otherwise it uses it's own logs.
        It's an option in the global settings tab:

        0_1528931485164_Selection_429.png

        Steve

        1 Reply Last reply Reply Quote 0
        • M
          mrsunfire
          last edited by

          But this first happend last night and I didn‘t change anything.
          Does it still show blocks in the pfSense firewall log if I disable this logging?

          Netgate 6100 MAX

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            That setting makes no difference to the firewall log it only affects Suricata logs in the System log.

            You can still see the Suricata logs by going to the logs tab in Services > Suricata.

            Steve

            1 Reply Last reply Reply Quote 1
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.