4. Limiting suricata logs

Limiting suricata logs

  • M

    I have enabled DNS logging in suricata, but I noticed that the logs keep growing every day. I would like to be able to limit the logs and maybe perform some sort of rotation to ensure the logs don't grow too much over time. I read something about log rotation and suricata, but not sure if there is mechanism embedded in the application. I have performed a full pfsense install and using an SSD, so the logs are stored on SSD, not in RAM.

    Martin

    0
  • D
    Banned

    Uhm… there's a HUGE slew of settings in the Suricata GUI itself, in the Logs Mgmt tab!

    0
  • M

    When I click on the Log Mgmt tab, I get a "404 - Not Found" message on an empty page.

    I also get this error when I click on some of the other tabs (Blocks, Pass Lists, Logs View, SID Mgmt, IP Lists).

    I am using suricata 2.1.5 and pfsense 2.2.3-RELEASE-pfSense (amd64).

    Martin

    0
  • D
    Banned

    Sucks to be you. Upgrade your pfSense to get maintained package versions. Also, the package you have is obviously not correctly installed, at least reinstall it.

    0
  • M

    I did reinstall the package, which upgraded it to version 2.1.6 and things are working fine now.

    Martin

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy