Bug #798

closed

stats.log in yaml config - append option - missing

Added by Peter Manev over 11 years ago. Updated about 7 years ago.

Status: Closed
Priority: Normal

Description

Currently for both git and 1.4.1 in the suricata.yaml we have:


  # Stats.log contains data from various counters of the suricata engine.
  # The interval field (in seconds) tells after how long output will be written
  # on the log file.
  - stats:
      enabled: yes
      filename: stats.log
      interval: 8

So if you run Suricata like this, even on little traffic, it can inflate the stats.log to a size of a few GBs over a run of a few days.
The more cores you have - the bigger the stats.log in general.

One can add

      interval: 8
      append: no

Then the stats.log will be cleared/reset every time Suricata is restarted/run.
The option however is not present in the yaml file itself.
