Bug #1806 » startup-3.1RC1.log

Suricata 3.1RC1 startup - Chris Beverly, 06/13/2016 11:00 AM

 
{"log":"Starting suri-graphite-stats script in background...\n","stream":"stdout","time":"2016-06-13T15:49:27.087109958Z"}
{"log":" GRAPHITE_HOST=gen1.graphs.test.int.godaddy.com\n","stream":"stdout","time":"2016-06-13T15:49:27.087173376Z"}
{"log":" GRAPHITE_PORT=2003\n","stream":"stdout","time":"2016-06-13T15:49:27.087179939Z"}
{"log":" GRAPHITE_DELAY=30\n","stream":"stdout","time":"2016-06-13T15:49:27.087184909Z"}
{"log":" GRAPHITE_PREFIX=security.ids\n","stream":"stdout","time":"2016-06-13T15:49:27.087189599Z"}
{"log":" GRAPHITE_NODEID=p3pltestids002\n","stream":"stdout","time":"2016-06-13T15:49:27.087194264Z"}
{"log":" GRAPHITE_POSTFIX=suricata.stats.iface\n","stream":"stdout","time":"2016-06-13T15:49:27.087199067Z"}
{"log":" GRAPHITE_VERBOSE=\n","stream":"stdout","time":"2016-06-13T15:49:27.087205331Z"}
{"log":" SURICATASC_SOCKET=/var/run/suricata/suricata-command.socket\n","stream":"stdout","time":"2016-06-13T15:49:27.087211974Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cInfo\u003e - Including configuration file /etc/suricata/rules/rule-files.yaml at parent node rule-files.\n","stream":"stdout","time":"2016-06-13T15:49:27.100822704Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cInfo\u003e - Including configuration file /etc/suricata/rules/vars.yaml at parent node vars.\n","stream":"stdout","time":"2016-06-13T15:49:27.101064779Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cNotice\u003e - This is Suricata version 3.1RC1 RELEASE\n","stream":"stdout","time":"2016-06-13T15:49:27.101547989Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cInfo\u003e - CPUs/cores online: 8\n","stream":"stdout","time":"2016-06-13T15:49:27.101625314Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - Adding interface bond1 from config file\n","stream":"stdout","time":"2016-06-13T15:49:27.10163641Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - 'default' server has 'request-body-minimal-inspect-size' set to 33882 and 'request-body-inspect-window' set to 4053 after randomization.\n","stream":"stdout","time":"2016-06-13T15:49:27.104832256Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - 'default' server has 'response-body-minimal-inspect-size' set to 33695 and 'response-body-inspect-window' set to 4218 after randomization.\n","stream":"stdout","time":"2016-06-13T15:49:27.104883732Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - DNS request flood protection level: 500\n","stream":"stdout","time":"2016-06-13T15:49:27.105488699Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - DNS per flow memcap (state-memcap): 524288\n","stream":"stdout","time":"2016-06-13T15:49:27.105516559Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - DNS global memcap: 16777216\n","stream":"stdout","time":"2016-06-13T15:49:27.105526723Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - Modbus request flood protection level: 500\n","stream":"stdout","time":"2016-06-13T15:49:27.105532168Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - allocated 3670016 bytes of memory for the defrag hash... 65536 buckets of size 56\n","stream":"stdout","time":"2016-06-13T15:49:27.112845948Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - preallocated 65535 defrag trackers of size 168\n","stream":"stdout","time":"2016-06-13T15:49:27.124161161Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - defrag memory usage: 14679896 bytes, maximum: 536870912\n","stream":"stdout","time":"2016-06-13T15:49:27.124211332Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cNotice\u003e - using flow hash instead of active packets\n","stream":"stdout","time":"2016-06-13T15:49:27.125375154Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - allocated 517888 bytes of memory for the host hash... 8092 buckets of size 64\n","stream":"stdout","time":"2016-06-13T15:49:27.169997079Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - preallocated 8092 hosts of size 136\n","stream":"stdout","time":"2016-06-13T15:49:27.171183906Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - host memory usage: 1618400 bytes, maximum: 1073741824\n","stream":"stdout","time":"2016-06-13T15:49:27.171218144Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - using magic-file /usr/share/file/magic\n","stream":"stdout","time":"2016-06-13T15:49:27.171247331Z"}
{"log":"[suri-graphite-stats:65] [Errno 2] No such file or directory\n","stream":"stderr","time":"2016-06-13T15:49:27.182761627Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - Core dump size is unlimited.\n","stream":"stdout","time":"2016-06-13T15:49:27.184488847Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - allocated 4194304 bytes of memory for the flow hash... 65536 buckets of size 64\n","stream":"stdout","time":"2016-06-13T15:49:27.187467861Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - preallocated 10000 flows of size 296\n","stream":"stdout","time":"2016-06-13T15:49:27.189112994Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - flow memory usage: 7154304 bytes, maximum: 536870912\n","stream":"stdout","time":"2016-06-13T15:49:27.18916005Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - stream \"prealloc-sessions\": 1000000 (per thread)\n","stream":"stdout","time":"2016-06-13T15:49:27.189166658Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - stream \"memcap\": 2147483648\n","stream":"stdout","time":"2016-06-13T15:49:27.18917273Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - stream \"midstream\" session pickups: disabled\n","stream":"stdout","time":"2016-06-13T15:49:27.189178322Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - stream \"async-oneside\": enabled\n","stream":"stdout","time":"2016-06-13T15:49:27.189183809Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - stream \"checksum-validation\": disabled\n","stream":"stdout","time":"2016-06-13T15:49:27.189189281Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - stream.\"inline\": disabled\n","stream":"stdout","time":"2016-06-13T15:49:27.189194531Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - stream \"max-synack-queued\": 5\n","stream":"stdout","time":"2016-06-13T15:49:27.189199994Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - stream.reassembly \"memcap\": 4294967296\n","stream":"stdout","time":"2016-06-13T15:49:27.189205144Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - stream.reassembly \"depth\": 1048576\n","stream":"stdout","time":"2016-06-13T15:49:27.189210526Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - stream.reassembly \"toserver-chunk-size\": 2533\n","stream":"stdout","time":"2016-06-13T15:49:27.189225055Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - stream.reassembly \"toclient-chunk-size\": 2437\n","stream":"stdout","time":"2016-06-13T15:49:27.189231204Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - stream.reassembly.raw: enabled\n","stream":"stdout","time":"2016-06-13T15:49:27.189236529Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - segment pool: pktsize 4, prealloc 1024\n","stream":"stdout","time":"2016-06-13T15:49:27.189330587Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - segment pool: pktsize 16, prealloc 1024\n","stream":"stdout","time":"2016-06-13T15:49:27.189518911Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - segment pool: pktsize 112, prealloc 1024\n","stream":"stdout","time":"2016-06-13T15:49:27.189739758Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - segment pool: pktsize 248, prealloc 1024\n","stream":"stdout","time":"2016-06-13T15:49:27.190031671Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - segment pool: pktsize 512, prealloc 1024\n","stream":"stdout","time":"2016-06-13T15:49:27.190477941Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - segment pool: pktsize 768, prealloc 1024\n","stream":"stdout","time":"2016-06-13T15:49:27.191041804Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - segment pool: pktsize 1448, prealloc 50000\n","stream":"stdout","time":"2016-06-13T15:49:27.234602862Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - segment pool: pktsize 65535, prealloc 1024\n","stream":"stdout","time":"2016-06-13T15:49:27.237147171Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - stream.reassembly \"chunk-prealloc\": 9573\n","stream":"stdout","time":"2016-06-13T15:49:27.237512956Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - stream.reassembly \"zero-copy-size\": 128\n","stream":"stdout","time":"2016-06-13T15:49:27.261492865Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - allocated 262144 bytes of memory for the ippair hash... 4096 buckets of size 64\n","stream":"stdout","time":"2016-06-13T15:49:27.261592474Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - preallocated 1000 ippairs of size 136\n","stream":"stdout","time":"2016-06-13T15:49:27.261731923Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - ippair memory usage: 398144 bytes, maximum: 16777216\n","stream":"stdout","time":"2016-06-13T15:49:27.261755223Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - Delayed detect disabled\n","stream":"stdout","time":"2016-06-13T15:49:27.261780095Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - pattern matchers: MPM: ac, SPM: bm\n","stream":"stdout","time":"2016-06-13T15:49:27.261788864Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - grouping: tcp-whitelist (default) 53, 80, 139, 443, 445, 1433, 3306, 3389, 6666, 6667, 8080\n","stream":"stdout","time":"2016-06-13T15:49:27.261800939Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - grouping: udp-whitelist (default) 53, 135, 5060\n","stream":"stdout","time":"2016-06-13T15:49:27.261807214Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cConfig\u003e - IP reputation disabled\n","stream":"stdout","time":"2016-06-13T15:49:27.26196641Z"}
{"log":"13/6/2016 -- 15:49:27 - \u003cInfo\u003e - Loading rule file: /etc/suricata/rules/automit.rules\n","stream":"stdout","time":"2016-06-13T15:49:27.262359291Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cInfo\u003e - Loading rule file: /etc/suricata/rules/global-csirt.rules\n","stream":"stdout","time":"2016-06-13T15:49:29.713212607Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cInfo\u003e - Loading rule file: /etc/suricata/rules/global-threat.rules\n","stream":"stdout","time":"2016-06-13T15:49:29.714042613Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cWarning\u003e - [ERRCODE: SC_ERR_NO_RULES(42)] - No rules loaded from /etc/suricata/rules/global-threat.rules\n","stream":"stdout","time":"2016-06-13T15:49:29.714089564Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cInfo\u003e - Loading rule file: /etc/suricata/profile-rules/csirt.rules\n","stream":"stdout","time":"2016-06-13T15:49:29.714121527Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cInfo\u003e - Loading rule file: /etc/suricata/profile-rules/threat.rules\n","stream":"stdout","time":"2016-06-13T15:49:29.715497324Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cWarning\u003e - [ERRCODE: SC_ERR_NO_RULES(42)] - No rules loaded from /etc/suricata/profile-rules/threat.rules\n","stream":"stdout","time":"2016-06-13T15:49:29.715519586Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cWarning\u003e - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/profile-rules/dcu.rules\n","stream":"stdout","time":"2016-06-13T15:49:29.715527115Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cInfo\u003e - 6 rule files processed. 149 rules successfully loaded, 0 rules failed\n","stream":"stdout","time":"2016-06-13T15:49:29.715540328Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for tcp-packet\n","stream":"stdout","time":"2016-06-13T15:49:29.715901873Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for tcp-stream\n","stream":"stdout","time":"2016-06-13T15:49:29.71594426Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for udp-packet\n","stream":"stdout","time":"2016-06-13T15:49:29.715969381Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for other-ip\n","stream":"stdout","time":"2016-06-13T15:49:29.715975663Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_uri\n","stream":"stdout","time":"2016-06-13T15:49:29.715980908Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_raw_uri\n","stream":"stdout","time":"2016-06-13T15:49:29.715986226Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_header\n","stream":"stdout","time":"2016-06-13T15:49:29.716024436Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_header\n","stream":"stdout","time":"2016-06-13T15:49:29.716031658Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_user_agent\n","stream":"stdout","time":"2016-06-13T15:49:29.716036887Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_raw_header\n","stream":"stdout","time":"2016-06-13T15:49:29.716041846Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_raw_header\n","stream":"stdout","time":"2016-06-13T15:49:29.716046848Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_method\n","stream":"stdout","time":"2016-06-13T15:49:29.716051847Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for file_data\n","stream":"stdout","time":"2016-06-13T15:49:29.716070193Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for file_data\n","stream":"stdout","time":"2016-06-13T15:49:29.716075712Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_stat_msg\n","stream":"stdout","time":"2016-06-13T15:49:29.716080746Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_stat_code\n","stream":"stdout","time":"2016-06-13T15:49:29.716086299Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_client_body\n","stream":"stdout","time":"2016-06-13T15:49:29.716091557Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_host\n","stream":"stdout","time":"2016-06-13T15:49:29.716096636Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_raw_host\n","stream":"stdout","time":"2016-06-13T15:49:29.716101567Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_cookie\n","stream":"stdout","time":"2016-06-13T15:49:29.716107905Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for http_cookie\n","stream":"stdout","time":"2016-06-13T15:49:29.716113109Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for dns_query\n","stream":"stdout","time":"2016-06-13T15:49:29.716118152Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - using unique mpm ctx' for tls_sni\n","stream":"stdout","time":"2016-06-13T15:49:29.716123186Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cInfo\u003e - 149 signatures processed. 0 are IP-only rules, 2 are inspecting packet payload, 0 inspect application layer, 0 are decoder event only\n","stream":"stdout","time":"2016-06-13T15:49:29.716142693Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cConfig\u003e - building signature grouping structure, stage 1: preprocessing rules... complete\n","stream":"stdout","time":"2016-06-13T15:49:29.716158122Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - TCP toserver: 7 port groups, 3 unique SGH's, 4 copies\n","stream":"stdout","time":"2016-06-13T15:49:29.716203159Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cWarning\u003e - [ERRCODE: SC_WARN_POOR_RULE(276)] - rule 8000000: SYN-only to port(s) 13337:13337 w/o direction specified, disabling for toclient direction\n","stream":"stdout","time":"2016-06-13T15:49:29.716235751Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - TCP toclient: 1 port groups, 1 unique SGH's, 0 copies\n","stream":"stdout","time":"2016-06-13T15:49:29.716255391Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - UDP toserver: 3 port groups, 2 unique SGH's, 1 copies\n","stream":"stdout","time":"2016-06-13T15:49:29.716333001Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - UDP toclient: 3 port groups, 2 unique SGH's, 1 copies\n","stream":"stdout","time":"2016-06-13T15:49:29.716385731Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - OTHER toserver: 254 proto groups, 2 unique SGH's, 252 copies\n","stream":"stdout","time":"2016-06-13T15:49:29.717115648Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - OTHER toclient: 254 proto groups, 0 unique SGH's, 254 copies\n","stream":"stdout","time":"2016-06-13T15:49:29.717178844Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - Unique rule groups: 10\n","stream":"stdout","time":"2016-06-13T15:49:29.718303095Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - Builtin MPM \"toserver TCP packet\": 0\n","stream":"stdout","time":"2016-06-13T15:49:29.71832778Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - Builtin MPM \"toclient TCP packet\": 0\n","stream":"stdout","time":"2016-06-13T15:49:29.718338077Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - Builtin MPM \"toserver TCP stream\": 0\n","stream":"stdout","time":"2016-06-13T15:49:29.718343762Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - Builtin MPM \"toclient TCP stream\": 0\n","stream":"stdout","time":"2016-06-13T15:49:29.718349283Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - Builtin MPM \"toserver UDP packet\": 2\n","stream":"stdout","time":"2016-06-13T15:49:29.718354773Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - Builtin MPM \"toclient UDP packet\": 2\n","stream":"stdout","time":"2016-06-13T15:49:29.718360134Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - Builtin MPM \"other IP packet\": 0\n","stream":"stdout","time":"2016-06-13T15:49:29.718365582Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cInfo\u003e - Threshold config parsed: 0 rule(s) found\n","stream":"stdout","time":"2016-06-13T15:49:29.718592501Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cInfo\u003e - dropped the caps for main thread\n","stream":"stdout","time":"2016-06-13T15:49:29.718828936Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cInfo\u003e - fast output device (regular) initialized: fast.log\n","stream":"stdout","time":"2016-06-13T15:49:29.718862005Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cConfig\u003e - enabling 'eve-log' module 'alert'\n","stream":"stdout","time":"2016-06-13T15:49:29.718911683Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cInfo\u003e - stats output device (regular) initialized: stats.log\n","stream":"stdout","time":"2016-06-13T15:49:29.719033925Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cInfo\u003e - Syslog output initialized\n","stream":"stdout","time":"2016-06-13T15:49:29.719049283Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cConfig\u003e - Found affinity definition for \"management-cpu-set\"\n","stream":"stdout","time":"2016-06-13T15:49:29.719076899Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cConfig\u003e - Using default prio 'low' for set 'management-cpu-set'\n","stream":"stdout","time":"2016-06-13T15:49:29.719083705Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cConfig\u003e - Found affinity definition for \"receive-cpu-set\"\n","stream":"stdout","time":"2016-06-13T15:49:29.719089153Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cConfig\u003e - Found affinity definition for \"worker-cpu-set\"\n","stream":"stdout","time":"2016-06-13T15:49:29.719103394Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cConfig\u003e - Using default prio 'high' for set 'worker-cpu-set'\n","stream":"stdout","time":"2016-06-13T15:49:29.719109586Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cConfig\u003e - Found affinity definition for \"verdict-cpu-set\"\n","stream":"stdout","time":"2016-06-13T15:49:29.719114902Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cConfig\u003e - Using default prio 'high' for set 'verdict-cpu-set'\n","stream":"stdout","time":"2016-06-13T15:49:29.71912012Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cConfig\u003e - Using flow cluster mode for AF_PACKET (iface bond1)\n","stream":"stdout","time":"2016-06-13T15:49:29.719125393Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cConfig\u003e - Using defrag kernel functionality for AF_PACKET (iface bond1)\n","stream":"stdout","time":"2016-06-13T15:49:29.719131061Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cInfo\u003e - NIC offloading on bond1: GRO: unset, LRO: unset\n","stream":"stdout","time":"2016-06-13T15:49:29.733509412Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cConfig\u003e - bond1: enabling zero copy mode by using data release call\n","stream":"stdout","time":"2016-06-13T15:49:29.733541716Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cInfo\u003e - Going to use 8 thread(s)\n","stream":"stdout","time":"2016-06-13T15:49:29.733571858Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cPerf\u003e - Setting prio -2 for thread \"W#01-bond1\" to cpu/core 0, thread id 11\n","stream":"stdout","time":"2016-06-13T15:49:29.733932296Z"}
{"log":"13/6/2016 -- 15:49:29 - \u003cError\u003e - [ERRCODE: SC_ERR_THREAD_NICE_PRIO(47)] - Error setting nice value -2 for thread W#01-bond1: Operation not permitted\n","stream":"stderr","time":"2016-06-13T15:49:29.734063344Z"}
{"log":"13/6/2016 -- 15:49:30 - \u003cPerf\u003e - Setting prio -2 for thread \"W#02-bond1\" to cpu/core 1, thread id 12\n","stream":"stdout","time":"2016-06-13T15:49:30.196554559Z"}
{"log":"13/6/2016 -- 15:49:30 - \u003cError\u003e - [ERRCODE: SC_ERR_THREAD_NICE_PRIO(47)] - Error setting nice value -2 for thread W#02-bond1: Operation not permitted\n","stream":"stderr","time":"2016-06-13T15:49:30.196653496Z"}
{"log":"13/6/2016 -- 15:49:30 - \u003cPerf\u003e - Setting prio -2 for thread \"W#03-bond1\" to cpu/core 2, thread id 13\n","stream":"stdout","time":"2016-06-13T15:49:30.461503692Z"}
{"log":"13/6/2016 -- 15:49:30 - \u003cError\u003e - [ERRCODE: SC_ERR_THREAD_NICE_PRIO(47)] - Error setting nice value -2 for thread W#03-bond1: Operation not permitted\n","stream":"stderr","time":"2016-06-13T15:49:30.461551074Z"}
{"log":"13/6/2016 -- 15:49:30 - \u003cPerf\u003e - Setting prio -2 for thread \"W#04-bond1\" to cpu/core 3, thread id 14\n","stream":"stdout","time":"2016-06-13T15:49:30.723266629Z"}
{"log":"13/6/2016 -- 15:49:30 - \u003cError\u003e - [ERRCODE: SC_ERR_THREAD_NICE_PRIO(47)] - Error setting nice value -2 for thread W#04-bond1: Operation not permitted\n","stream":"stderr","time":"2016-06-13T15:49:30.723369724Z"}
{"log":"13/6/2016 -- 15:49:30 - \u003cPerf\u003e - Setting prio -2 for thread \"W#05-bond1\" to cpu/core 4, thread id 15\n","stream":"stdout","time":"2016-06-13T15:49:30.988401073Z"}
{"log":"13/6/2016 -- 15:49:30 - \u003cError\u003e - [ERRCODE: SC_ERR_THREAD_NICE_PRIO(47)] - Error setting nice value -2 for thread W#05-bond1: Operation not permitted\n","stream":"stderr","time":"2016-06-13T15:49:30.988398223Z"}
{"log":"13/6/2016 -- 15:49:31 - \u003cError\u003e - [ERRCODE: SC_ERR_THREAD_NICE_PRIO(47)] - Error setting nice value -2 for thread W#06-bond1: Operation not permitted\n","stream":"stderr","time":"2016-06-13T15:49:31.248822766Z"}
{"log":"13/6/2016 -- 15:49:31 - \u003cPerf\u003e - Setting prio -2 for thread \"W#06-bond1\" to cpu/core 5, thread id 16\n","stream":"stdout","time":"2016-06-13T15:49:31.248828069Z"}
{"log":"13/6/2016 -- 15:49:31 - \u003cPerf\u003e - Setting prio -2 for thread \"W#07-bond1\" to cpu/core 6, thread id 17\n","stream":"stdout","time":"2016-06-13T15:49:31.512287979Z"}
{"log":"13/6/2016 -- 15:49:31 - \u003cError\u003e - [ERRCODE: SC_ERR_THREAD_NICE_PRIO(47)] - Error setting nice value -2 for thread W#07-bond1: Operation not permitted\n","stream":"stderr","time":"2016-06-13T15:49:31.512385554Z"}
{"log":"13/6/2016 -- 15:49:31 - \u003cPerf\u003e - Setting prio -2 for thread \"W#08-bond1\" to cpu/core 7, thread id 18\n","stream":"stdout","time":"2016-06-13T15:49:31.772521153Z"}
{"log":"13/6/2016 -- 15:49:31 - \u003cError\u003e - [ERRCODE: SC_ERR_THREAD_NICE_PRIO(47)] - Error setting nice value -2 for thread W#08-bond1: Operation not permitted\n","stream":"stderr","time":"2016-06-13T15:49:31.77611826Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cPerf\u003e - Setting prio 2 for thread \"US\", thread id 19\n","stream":"stdout","time":"2016-06-13T15:49:32.03341892Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cInfo\u003e - Using unix socket file '/var/run/suricata//suricata-command.socket'\n","stream":"stdout","time":"2016-06-13T15:49:32.033445227Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cConfig\u003e - using 1 flow manager threads\n","stream":"stdout","time":"2016-06-13T15:49:32.033610426Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cPerf\u003e - Setting prio 2 for thread \"FM#01\", thread id 20\n","stream":"stdout","time":"2016-06-13T15:49:32.034695506Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cConfig\u003e - using 1 flow recycler threads\n","stream":"stdout","time":"2016-06-13T15:49:32.042254805Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cPerf\u003e - Setting prio 2 for thread \"FR#01\", thread id 21\n","stream":"stdout","time":"2016-06-13T15:49:32.042467315Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cPerf\u003e - Setting prio 2 for thread \"CW\", thread id 22\n","stream":"stdout","time":"2016-06-13T15:49:32.042563998Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cPerf\u003e - Setting prio 2 for thread \"CS\", thread id 23\n","stream":"stdout","time":"2016-06-13T15:49:32.042766779Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cNotice\u003e - all 8 packet processing threads, 4 management threads initialized, engine started.\n","stream":"stdout","time":"2016-06-13T15:49:32.042905079Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cPerf\u003e - Setting AF_PACKET socket buffer to 32768\n","stream":"stdout","time":"2016-06-13T15:49:32.063702894Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cPerf\u003e - AF_PACKET V3 RX Ring params: block_size=32768 block_nr=15001 frame_size=1600 frame_nr=300020 (mem: 491552768)\n","stream":"stdout","time":"2016-06-13T15:49:32.072218645Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cPerf\u003e - Setting AF_PACKET socket buffer to 32768\n","stream":"stdout","time":"2016-06-13T15:49:32.29936531Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cPerf\u003e - AF_PACKET V3 RX Ring params: block_size=32768 block_nr=15001 frame_size=1600 frame_nr=300020 (mem: 491552768)\n","stream":"stdout","time":"2016-06-13T15:49:32.356381096Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cPerf\u003e - Setting AF_PACKET socket buffer to 32768\n","stream":"stdout","time":"2016-06-13T15:49:32.696477527Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cPerf\u003e - AF_PACKET V3 RX Ring params: block_size=32768 block_nr=15001 frame_size=1600 frame_nr=300020 (mem: 491552768)\n","stream":"stdout","time":"2016-06-13T15:49:32.75418917Z"}
{"log":"13/6/2016 -- 15:49:32 - \u003cPerf\u003e - Setting AF_PACKET socket buffer to 32768\n","stream":"stdout","time":"2016-06-13T15:49:32.980492761Z"}
{"log":"13/6/2016 -- 15:49:33 - \u003cPerf\u003e - AF_PACKET V3 RX Ring params: block_size=32768 block_nr=15001 frame_size=1600 frame_nr=300020 (mem: 491552768)\n","stream":"stdout","time":"2016-06-13T15:49:33.029794591Z"}
{"log":"13/6/2016 -- 15:49:33 - \u003cPerf\u003e - Setting AF_PACKET socket buffer to 32768\n","stream":"stdout","time":"2016-06-13T15:49:33.288191262Z"}
{"log":"13/6/2016 -- 15:49:33 - \u003cPerf\u003e - AF_PACKET V3 RX Ring params: block_size=32768 block_nr=15001 frame_size=1600 frame_nr=300020 (mem: 491552768)\n","stream":"stdout","time":"2016-06-13T15:49:33.384258969Z"}
{"log":"13/6/2016 -- 15:49:33 - \u003cPerf\u003e - Setting AF_PACKET socket buffer to 32768\n","stream":"stdout","time":"2016-06-13T15:49:33.660504182Z"}
{"log":"13/6/2016 -- 15:49:33 - \u003cPerf\u003e - AF_PACKET V3 RX Ring params: block_size=32768 block_nr=15001 frame_size=1600 frame_nr=300020 (mem: 491552768)\n","stream":"stdout","time":"2016-06-13T15:49:33.679392877Z"}
{"log":"13/6/2016 -- 15:49:33 - \u003cPerf\u003e - Setting AF_PACKET socket buffer to 32768\n","stream":"stdout","time":"2016-06-13T15:49:33.910843787Z"}
{"log":"13/6/2016 -- 15:49:33 - \u003cPerf\u003e - AF_PACKET V3 RX Ring params: block_size=32768 block_nr=15001 frame_size=1600 frame_nr=300020 (mem: 491552768)\n","stream":"stdout","time":"2016-06-13T15:49:33.957731722Z"}
{"log":"13/6/2016 -- 15:49:34 - \u003cPerf\u003e - Setting AF_PACKET socket buffer to 32768\n","stream":"stdout","time":"2016-06-13T15:49:34.232943509Z"}
{"log":"13/6/2016 -- 15:49:34 - \u003cPerf\u003e - AF_PACKET V3 RX Ring params: block_size=32768 block_nr=15001 frame_size=1600 frame_nr=300020 (mem: 491552768)\n","stream":"stdout","time":"2016-06-13T15:49:34.286561991Z"}
{"log":"13/6/2016 -- 15:49:34 - \u003cInfo\u003e - All AFP capture threads are running.\n","stream":"stdout","time":"2016-06-13T15:49:34.4985727Z"}