suricata04.log - Suricata - Open Information Security Foundation

Support #2618 » suricata04.log

Rado Ce, 09/13/2018 03:43 PM

 /9/2018 -- 07:13:45 - <Debug> - http_uri is mpm
 /9/2018 -- 07:13:45 - <Debug> - sid 5000003: engine 0x55971e6bed00/4 added
 /9/2018 -- 07:13:45 - <Debug> - sid 5000003: engine 0x55972a125fe0/5 added
 /9/2018 -- 07:13:45 - <Debug> - 5000003: engine http_uri id 4 progress 1 MPM
 /9/2018 -- 07:13:45 - <Debug> - 5000003: engine http_method id 5 progress 1
 /9/2018 -- 07:13:45 - <Debug> - Returning: 0 ... <<
 /9/2018 -- 07:13:45 - <Perf> - Registered 14163 rule profiling counters.
 /9/2018 -- 07:13:45 - <Debug> - Returning: 0 ... <<
 /9/2018 -- 07:13:45 - <Debug> - adding de_ctx 0x55971c6f43b0 to master
 /9/2018 -- 07:13:45 - <Debug> - master version now 100
 /9/2018 -- 07:13:45 - <Debug> - failed to lookup configuration parameter 'sensor-name'
 /9/2018 -- 07:13:45 - <Info> - eve-log output device (regular) initialized: eve.log
 /9/2018 -- 07:13:45 - <Debug> - returning output_ctx 0x559729e8e260
 /9/2018 -- 07:13:45 - <Debug> - types 0x55971b8117f0
 /9/2018 -- 07:13:45 - <Config> - enabling 'eve-log' module 'alert'
 /9/2018 -- 07:13:45 - <Debug> - JsonAlertLog is a packet logger
 /9/2018 -- 07:13:45 - <Debug> - OutputRegisterPacketLogger happy
 /9/2018 -- 07:13:45 - <Config> - enabling 'eve-log' module 'stats'
 /9/2018 -- 07:13:45 - <Debug> - totals no threads no deltas (null)
 /9/2018 -- 07:13:45 - <Error> - [ERRCODE: SC_ERR_JSON_STATS_LOG_NEGATED(273)] - Cannot disable both totals and threads in stats logging
 /9/2018 -- 07:13:45 - <Info> - http-log output device (regular) initialized: http.log
 /9/2018 -- 07:13:45 - <Debug> - HTTP log output initialized
 /9/2018 -- 07:13:45 - <Debug> - Entering ... >>
 /9/2018 -- 07:13:45 - <Debug> - Returning ... <<
 /9/2018 -- 07:13:45 - <Debug> - LogHttpLog is a tx logger
 /9/2018 -- 07:13:45 - <Debug> - Entering ... >>
 /9/2018 -- 07:13:45 - <Debug> - Returning: 5 ... <<
 /9/2018 -- 07:13:45 - <Debug> - Entering ... >>
 /9/2018 -- 07:13:45 - <Debug> - Returning: 5 ... <<
 /9/2018 -- 07:13:45 - <Debug> - OutputRegisterTxLogger happy
 /9/2018 -- 07:13:45 - <Info> - stats output device (regular) initialized: stats.log
 /9/2018 -- 07:13:45 - <Debug> - totals yes threads yes
 /9/2018 -- 07:13:45 - <Debug> - statslog_ctx->flags 00000003
 /9/2018 -- 07:13:45 - <Debug> - STATS log output initialized
 /9/2018 -- 07:13:45 - <Debug> - OutputRegisterStatsLogger happy
 /9/2018 -- 07:13:45 - <Info> - file-log output device (regular) initialized: files-json.log
 /9/2018 -- 07:13:45 - <Warning> - [ERRCODE: SC_ERR_DEPRECATED_CONF(274)] - deprecated 'force-md5' option found. Please use 'force-hash: [md5]' instead
 /9/2018 -- 07:13:45 - <Debug> - Returning pointer 0x5597268186e0 of type OutputCtx ... <<
 /9/2018 -- 07:13:45 - <Debug> - LogFileLog is a file logger
 /9/2018 -- 07:13:45 - <Debug> - OutputRegisterFileLogger happy
 /9/2018 -- 07:13:45 - <Debug> - Entering ... >>
 /9/2018 -- 07:13:45 - <Debug> - Returning ... <<
 /9/2018 -- 07:13:45 - <Debug> - Entering ... >>
 /9/2018 -- 07:13:45 - <Debug> - threading.detect-thread-ratio 8.000000
 /9/2018 -- 07:13:45 - <Debug> - live time mode enabled
 /9/2018 -- 07:13:45 - <Debug> - failed to lookup configuration parameter 'pfring.interface'
 /9/2018 -- 07:13:45 - <Info> - Unable to find pfring config for interface zc:27@0, using default value or 1.0 configuration system.
 /9/2018 -- 07:13:45 - <Info> - Going to use 1 thread(s)
 /9/2018 -- 07:13:45 - <Debug> - creating thread "W#01-zc:27@0"...
 /9/2018 -- 07:13:45 - <Debug> - inqh_name "packetpool"
 /9/2018 -- 07:13:45 - <Debug> - tv->tmqh_in 0x559719e7c320
 /9/2018 -- 07:13:45 - <Debug> - outqh_name "packetpool"
 /9/2018 -- 07:13:45 - <Debug> - preallocating packets... packet size 2466
 /9/2018 -- 07:13:45 - <Perf> - Enabling zero-copy for zc:27@0
 /9/2018 -- 07:13:45 - <Debug> - Kernel release is '3.10.0-862.el7.x86_64'
 /9/2018 -- 07:13:45 - <Error> - [ERRCODE: SC_ERR_PF_RING_OPEN(34)] - Failed to open zc:27@0: pfring_open error. Check if zc:27@0 exists and pf_ring module is loaded.
 /9/2018 -- 07:13:45 - <Info> - Unable to find pfring config for interface zc:27@1, using default value or 1.0 configuration system.
 /9/2018 -- 07:13:45 - <Info> - Going to use 1 thread(s)
 /9/2018 -- 07:13:45 - <Debug> - creating thread "W#01-zc:27@1"...
 /9/2018 -- 07:13:45 - <Debug> - inqh_name "packetpool"
 /9/2018 -- 07:13:45 - <Debug> - tv->tmqh_in 0x559719e7c320
 /9/2018 -- 07:13:45 - <Debug> - outqh_name "packetpool"
 /9/2018 -- 07:13:45 - <Debug> - preallocating packets... packet size 2466
 /9/2018 -- 07:13:45 - <Perf> - Enabling zero-copy for zc:27@1
 /9/2018 -- 07:13:45 - <Debug> - Kernel release is '3.10.0-862.el7.x86_64'
 /9/2018 -- 07:13:45 - <Error> - [ERRCODE: SC_ERR_PF_RING_OPEN(34)] - Failed to open zc:27@1: pfring_open error. Check if zc:27@1 exists and pf_ring module is loaded.
 /9/2018 -- 07:13:45 - <Info> - Unable to find pfring config for interface zc:27@2, using default value or 1.0 configuration system.
 /9/2018 -- 07:13:45 - <Info> - Going to use 1 thread(s)
 /9/2018 -- 07:13:45 - <Debug> - creating thread "W#01-zc:27@2"...
 /9/2018 -- 07:13:45 - <Debug> - inqh_name "packetpool"
 /9/2018 -- 07:13:45 - <Debug> - tv->tmqh_in 0x559719e7c320
 /9/2018 -- 07:13:45 - <Debug> - outqh_name "packetpool"
 /9/2018 -- 07:13:45 - <Debug> - preallocating packets... packet size 2466
 /9/2018 -- 07:13:45 - <Perf> - Enabling zero-copy for zc:27@2
 /9/2018 -- 07:13:45 - <Debug> - Kernel release is '3.10.0-862.el7.x86_64'
 /9/2018 -- 07:13:45 - <Error> - [ERRCODE: SC_ERR_PF_RING_OPEN(34)] - Failed to open zc:27@2: pfring_open error. Check if zc:27@2 exists and pf_ring module is loaded.
 /9/2018 -- 07:13:45 - <Info> - Unable to find pfring config for interface zc:27@3, using default value or 1.0 configuration system.
 /9/2018 -- 07:13:45 - <Info> - Going to use 1 thread(s)
 /9/2018 -- 07:13:45 - <Debug> - creating thread "W#01-zc:27@3"...
 /9/2018 -- 07:13:45 - <Debug> - inqh_name "packetpool"
 /9/2018 -- 07:13:45 - <Debug> - tv->tmqh_in 0x559719e7c320
 /9/2018 -- 07:13:45 - <Debug> - outqh_name "packetpool"
 /9/2018 -- 07:13:45 - <Debug> - preallocating packets... packet size 2466
 /9/2018 -- 07:13:45 - <Perf> - Enabling zero-copy for zc:27@3
 /9/2018 -- 07:13:45 - <Debug> - Kernel release is '3.10.0-862.el7.x86_64'
 /9/2018 -- 07:13:45 - <Error> - [ERRCODE: SC_ERR_PF_RING_OPEN(34)] - Failed to open zc:27@3: pfring_open error. Check if zc:27@3 exists and pf_ring module is loaded.
 /9/2018 -- 07:13:45 - <Info> - Unable to find pfring config for interface zc:27@4, using default value or 1.0 configuration system.
 /9/2018 -- 07:13:45 - <Info> - Going to use 1 thread(s)
 /9/2018 -- 07:13:45 - <Debug> - creating thread "W#01-zc:27@4"...
 /9/2018 -- 07:13:45 - <Debug> - inqh_name "packetpool"
 /9/2018 -- 07:13:45 - <Debug> - tv->tmqh_in 0x559719e7c320
 /9/2018 -- 07:13:45 - <Debug> - outqh_name "packetpool"
 /9/2018 -- 07:13:45 - <Debug> - preallocating packets... packet size 2466
 /9/2018 -- 07:13:45 - <Perf> - Enabling zero-copy for zc:27@4
 /9/2018 -- 07:13:45 - <Debug> - Kernel release is '3.10.0-862.el7.x86_64'
 /9/2018 -- 07:13:45 - <Error> - [ERRCODE: SC_ERR_PF_RING_OPEN(34)] - Failed to open zc:27@4: pfring_open error. Check if zc:27@4 exists and pf_ring module is loaded.
 /9/2018 -- 07:13:45 - <Info> - Unable to find pfring config for interface zc:27@5, using default value or 1.0 configuration system.
 /9/2018 -- 07:13:45 - <Info> - Going to use 1 thread(s)
 /9/2018 -- 07:13:45 - <Debug> - creating thread "W#01-zc:27@5"...
 /9/2018 -- 07:13:45 - <Debug> - inqh_name "packetpool"
 /9/2018 -- 07:13:45 - <Debug> - tv->tmqh_in 0x559719e7c320
 /9/2018 -- 07:13:45 - <Debug> - outqh_name "packetpool"

« Previous
1
2
Next »

(2-2/2)

Project

General

Profile

Suricata

Support #2618 » suricata04.log