Support #2990
closed
Added by Anh Pham over 5 years ago.
Updated over 5 years ago.
Description
I use suricata 4.0.4 and in suricata.yaml, i edited fast.log and files-json.log to enabled:yes - append:yes. But when I cat fast.log and files-json.log, files-json.log is empty.
I use suricata 4.0.4 and in suricata.yaml, i edited fast.log and files-json.log to enabled:yes - append:yes. But when I cat fast.log and files-json.log, files-json.log is empty.
Is there any way to solve this problem? Thank you very much.
- Tracker changed from Bug to Support
I would recommend using latest stable Suricata - 4.1.4 and eve.json (instead of fast.log and files log as these are legacy).
After it is up and running , check if Suricata starts properly , if there are no errors , if you have defined your networks correctly.
- Status changed from New to Feedback
- Assignee set to Anh Pham
- Target version set to Support
Can you also add the configuration file so we can check for any issues there?
- Status changed from Feedback to Closed
Also available in: Atom
PDF