|
26/9/2019 -- 09:12:25 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
26/9/2019 -- 09:12:25 - <Warning> - [ERRCODE: SC_WARN_EVE_MISSING_EVENTS(318)] - eve.stats will not display all decoder events correctly. See #2225. Set a prefix in stats.decoder-events-prefix. In 5.0 the prefix will default to 'decoder.event'.
|
|
26/9/2019 -- 09:12:46 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
26/9/2019 -- 09:17:10 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
26/9/2019 -- 09:17:31 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
26/9/2019 -- 09:41:20 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
26/9/2019 -- 09:41:40 - <Notice> - all 1 packet processing threads, 2 management threads initialized, engine started.
|
|
26/9/2019 -- 09:41:46 - <Notice> - Signal Received. Stopping engine.
|
|
26/9/2019 -- 09:41:47 - <Notice> - Stats for 'eno4': pkts: 0, drop: 0 (-nan%), invalid chksum: 0
|
|
26/9/2019 -- 09:42:53 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
26/9/2019 -- 09:43:13 - <Notice> - all 1 packet processing threads, 2 management threads initialized, engine started.
|
|
26/9/2019 -- 12:59:06 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
26/9/2019 -- 12:59:26 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
26/9/2019 -- 13:02:43 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
26/9/2019 -- 13:03:04 - <Notice> - all 1 packet processing threads, 2 management threads initialized, engine started.
|
|
26/9/2019 -- 13:03:50 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
26/9/2019 -- 13:04:11 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
26/9/2019 -- 13:04:14 - <Notice> - Signal Received. Stopping engine.
|
|
26/9/2019 -- 13:04:15 - <Notice> - Stats for 'eno4': pkts: 0, drop: 0 (-nan%), invalid chksum: 0
|
|
26/9/2019 -- 13:04:15 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
26/9/2019 -- 13:04:36 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
26/9/2019 -- 13:54:51 - <Notice> - Signal Received. Stopping engine.
|
|
26/9/2019 -- 13:54:53 - <Notice> - Stats for 'eno4': pkts: 0, drop: 0 (-nan%), invalid chksum: 0
|
|
26/9/2019 -- 14:03:18 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
26/9/2019 -- 14:03:39 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
26/9/2019 -- 14:11:34 - <Notice> - Signal Received. Stopping engine.
|
|
26/9/2019 -- 14:11:36 - <Notice> - Stats for 'eno4': pkts: 26, drop: 0 (0.00%), invalid chksum: 0
|
|
4/10/2019 -- 12:38:19 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
4/10/2019 -- 12:38:42 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
4/10/2019 -- 21:00:16 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
4/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
4/10/2019 -- 22:00:03 - <Notice> - Stats for 'eno4': pkts: 5027306896, drop: 1522866493 (30.29%), invalid chksum: 2
|
|
4/10/2019 -- 22:00:03 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
4/10/2019 -- 22:00:25 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
5/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
5/10/2019 -- 22:00:03 - <Notice> - Stats for 'eno4': pkts: 12380370163, drop: 2968383826 (23.98%), invalid chksum: 0
|
|
5/10/2019 -- 22:00:03 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
5/10/2019 -- 22:00:25 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
6/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
6/10/2019 -- 22:00:04 - <Notice> - Stats for 'eno4': pkts: 11875585505, drop: 3353981904 (28.24%), invalid chksum: 12
|
|
6/10/2019 -- 22:00:04 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
6/10/2019 -- 22:00:26 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
7/10/2019 -- 21:00:21 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
7/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
7/10/2019 -- 22:00:05 - <Notice> - Stats for 'eno4': pkts: 11311863813, drop: 3687138529 (32.60%), invalid chksum: 3
|
|
7/10/2019 -- 22:00:05 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
7/10/2019 -- 22:00:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
8/10/2019 -- 21:00:46 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
8/10/2019 -- 22:00:01 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
8/10/2019 -- 22:00:23 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
9/10/2019 -- 21:00:53 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
9/10/2019 -- 22:00:01 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
9/10/2019 -- 22:00:23 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
10/10/2019 -- 21:01:05 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
10/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
10/10/2019 -- 22:00:05 - <Notice> - Stats for 'eno4': pkts: 11549994197, drop: 5103395735 (44.19%), invalid chksum: 17
|
|
10/10/2019 -- 22:00:05 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
10/10/2019 -- 22:00:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
11/10/2019 -- 21:00:41 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
11/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
11/10/2019 -- 22:00:04 - <Notice> - Stats for 'eno4': pkts: 12079457572, drop: 4384667608 (36.30%), invalid chksum: 5
|
|
11/10/2019 -- 22:00:04 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
11/10/2019 -- 22:00:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
12/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
12/10/2019 -- 22:00:05 - <Notice> - Stats for 'eno4': pkts: 11227808490, drop: 3229984047 (28.77%), invalid chksum: 0
|
|
12/10/2019 -- 22:00:06 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
12/10/2019 -- 22:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
13/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
13/10/2019 -- 22:00:03 - <Notice> - Stats for 'eno4': pkts: 11092891262, drop: 3356253700 (30.26%), invalid chksum: 1
|
|
13/10/2019 -- 22:00:03 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
13/10/2019 -- 22:00:26 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
14/10/2019 -- 09:22:30 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
14/10/2019 -- 09:22:52 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
14/10/2019 -- 21:01:13 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
14/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
14/10/2019 -- 22:00:02 - <Notice> - Stats for 'eno4': pkts: 5985639594, drop: 622467499 (10.40%), invalid chksum: 1
|
|
14/10/2019 -- 22:00:02 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
14/10/2019 -- 22:00:25 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
15/10/2019 -- 21:00:42 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
15/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
15/10/2019 -- 22:00:04 - <Notice> - Stats for 'eno4': pkts: 11507029174, drop: 3063845719 (26.63%), invalid chksum: 1
|
|
15/10/2019 -- 22:00:04 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
15/10/2019 -- 22:00:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
16/10/2019 -- 21:00:55 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
16/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
16/10/2019 -- 22:00:04 - <Notice> - Stats for 'eno4': pkts: 11290605317, drop: 2597439308 (23.01%), invalid chksum: 7
|
|
16/10/2019 -- 22:00:04 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
16/10/2019 -- 22:00:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
17/10/2019 -- 21:00:42 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
17/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
17/10/2019 -- 22:00:05 - <Notice> - Stats for 'eno4': pkts: 11807332106, drop: 3377176236 (28.60%), invalid chksum: 10
|
|
17/10/2019 -- 22:00:05 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
17/10/2019 -- 22:00:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
18/10/2019 -- 21:01:42 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
18/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
18/10/2019 -- 22:00:06 - <Notice> - Stats for 'eno4': pkts: 11506708918, drop: 2397145919 (20.83%), invalid chksum: 7
|
|
18/10/2019 -- 22:00:06 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
18/10/2019 -- 22:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
19/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
19/10/2019 -- 22:00:03 - <Notice> - Stats for 'eno4': pkts: 11249553431, drop: 3598911314 (31.99%), invalid chksum: 5
|
|
19/10/2019 -- 22:00:03 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
19/10/2019 -- 22:00:26 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
20/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
20/10/2019 -- 22:00:03 - <Notice> - Stats for 'eno4': pkts: 11206611253, drop: 3894378255 (34.75%), invalid chksum: 4
|
|
20/10/2019 -- 22:00:03 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
20/10/2019 -- 22:00:26 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
21/10/2019 -- 21:01:11 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
21/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
21/10/2019 -- 22:00:05 - <Notice> - Stats for 'eno4': pkts: 11597102003, drop: 2865793488 (24.71%), invalid chksum: 46
|
|
21/10/2019 -- 22:00:05 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
21/10/2019 -- 22:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
22/10/2019 -- 21:00:37 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
22/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
22/10/2019 -- 22:00:04 - <Notice> - Stats for 'eno4': pkts: 11636490792, drop: 3635110694 (31.24%), invalid chksum: 1
|
|
22/10/2019 -- 22:00:04 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
22/10/2019 -- 22:00:26 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
23/10/2019 -- 21:01:11 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
23/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
23/10/2019 -- 22:00:04 - <Notice> - Stats for 'eno4': pkts: 11507047964, drop: 3207352916 (27.87%), invalid chksum: 116
|
|
23/10/2019 -- 22:00:05 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
23/10/2019 -- 22:00:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
24/10/2019 -- 21:00:28 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
24/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
24/10/2019 -- 22:00:05 - <Notice> - Stats for 'eno4': pkts: 12314575067, drop: 3112931072 (25.28%), invalid chksum: 2
|
|
24/10/2019 -- 22:00:05 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
24/10/2019 -- 22:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
25/10/2019 -- 21:00:46 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
25/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
25/10/2019 -- 22:00:04 - <Notice> - Stats for 'eno4': pkts: 12381782213, drop: 4405901063 (35.58%), invalid chksum: 12
|
|
25/10/2019 -- 22:00:04 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
25/10/2019 -- 22:00:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
26/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
26/10/2019 -- 22:00:03 - <Notice> - Stats for 'eno4': pkts: 12500955611, drop: 5166390191 (41.33%), invalid chksum: 5
|
|
26/10/2019 -- 22:00:03 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
26/10/2019 -- 22:00:26 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
27/10/2019 -- 22:00:04 - <Notice> - Stats for 'eno4': pkts: 12162648020, drop: 2841086536 (23.36%), invalid chksum: 1
|
|
27/10/2019 -- 22:00:04 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
27/10/2019 -- 22:00:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/10/2019 -- 21:00:57 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
28/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/10/2019 -- 22:00:05 - <Notice> - Stats for 'eno4': pkts: 12331964377, drop: 2508456854 (20.34%), invalid chksum: 2
|
|
28/10/2019 -- 22:00:05 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
28/10/2019 -- 22:00:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/10/2019 -- 21:00:45 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
29/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/10/2019 -- 22:00:05 - <Notice> - Stats for 'eno4': pkts: 12670044472, drop: 2879767465 (22.73%), invalid chksum: 6
|
|
29/10/2019 -- 22:00:05 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
29/10/2019 -- 22:00:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/10/2019 -- 22:00:05 - <Notice> - Stats for 'eno4': pkts: 12425437131, drop: 3463977232 (27.88%), invalid chksum: 6
|
|
30/10/2019 -- 22:00:05 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
30/10/2019 -- 22:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
31/10/2019 -- 21:00:49 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
31/10/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
31/10/2019 -- 22:00:05 - <Notice> - Stats for 'eno4': pkts: 11233211850, drop: 1830282520 (16.29%), invalid chksum: 9
|
|
31/10/2019 -- 22:00:05 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
31/10/2019 -- 22:00:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/11/2019 -- 21:00:25 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
1/11/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/11/2019 -- 22:00:04 - <Notice> - Stats for 'eno4': pkts: 11218406373, drop: 4337506331 (38.66%), invalid chksum: 1
|
|
1/11/2019 -- 22:00:04 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
1/11/2019 -- 22:00:26 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/11/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
2/11/2019 -- 22:00:07 - <Notice> - Stats for 'eno4': pkts: 11194925476, drop: 3737045927 (33.38%), invalid chksum: 10
|
|
2/11/2019 -- 22:00:07 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
2/11/2019 -- 22:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
3/11/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
3/11/2019 -- 22:00:04 - <Notice> - Stats for 'eno4': pkts: 13135770520, drop: 4649198012 (35.39%), invalid chksum: 0
|
|
3/11/2019 -- 22:00:04 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
3/11/2019 -- 22:00:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
4/11/2019 -- 21:00:23 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
4/11/2019 -- 22:00:01 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
4/11/2019 -- 22:00:23 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
5/11/2019 -- 21:00:46 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active
|
|
5/11/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
5/11/2019 -- 22:00:07 - <Notice> - Stats for 'eno4': pkts: 28186544814, drop: 12283482502 (43.58%), invalid chksum: 20
|
|
5/11/2019 -- 22:00:07 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
5/11/2019 -- 22:00:30 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
6/11/2019 -- 14:54:34 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
6/11/2019 -- 14:54:57 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
6/11/2019 -- 14:58:08 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
6/11/2019 -- 14:58:40 - <Notice> - all 1 packet processing threads, 2 management threads initialized, engine started.
|
|
6/11/2019 -- 15:00:35 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
6/11/2019 -- 15:00:57 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
6/11/2019 -- 15:02:15 - <Notice> - Signal Received. Stopping engine.
|
|
6/11/2019 -- 15:02:16 - <Notice> - Stats for 'eno4': pkts: 27488499, drop: 6671865 (24.27%), invalid chksum: 0
|
|
6/11/2019 -- 15:02:33 - <Notice> - This is Suricata version 4.1.5 RELEASE
|
|
6/11/2019 -- 15:02:55 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
6/11/2019 -- 15:20:37 - <Notice> - Signal Received. Stopping engine.
|
|
6/11/2019 -- 15:20:38 - <Notice> - Stats for 'eno4': pkts: 352620525, drop: 69734898 (19.78%), invalid chksum: 0
|
|
6/11/2019 -- 15:21:38 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
6/11/2019 -- 15:21:38 - <Info> - CPUs/cores online: 12
|
|
6/11/2019 -- 15:21:38 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
6/11/2019 -- 15:21:38 - <Info> - Running in live mode, activating unix socket
|
|
6/11/2019 -- 15:21:45 - <Info> - 1 rule files processed. 20229 rules successfully loaded, 0 rules failed
|
|
6/11/2019 -- 15:21:45 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
6/11/2019 -- 15:21:45 - <Info> - 20232 signatures processed. 1044 are IP-only rules, 4813 are inspecting packet payload, 14319 inspect application layer, 0 are decoder event only
|
|
6/11/2019 -- 15:22:03 - <Info> - Going to use 12 thread(s)
|
|
6/11/2019 -- 15:22:03 - <Info> - Running in live mode, activating unix socket
|
|
6/11/2019 -- 15:22:03 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
6/11/2019 -- 15:22:03 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
6/11/2019 -- 15:22:03 - <Info> - All AFP capture threads are running.
|
|
6/11/2019 -- 15:26:15 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:8 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
6/11/2019 -- 15:26:16 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
6/11/2019 -- 15:26:16 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 186
|
|
6/11/2019 -- 15:26:20 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
6/11/2019 -- 15:26:20 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 10197
|
|
6/11/2019 -- 15:26:25 - <Error> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - Loading signatures failed.
|
|
6/11/2019 -- 21:00:50 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:8 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
6/11/2019 -- 21:00:50 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
6/11/2019 -- 21:00:50 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 186
|
|
6/11/2019 -- 21:00:53 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
6/11/2019 -- 21:00:53 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 10198
|
|
6/11/2019 -- 21:00:58 - <Error> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - Loading signatures failed.
|
|
6/11/2019 -- 22:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
6/11/2019 -- 22:00:01 - <Info> - CPUs/cores online: 12
|
|
6/11/2019 -- 22:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
6/11/2019 -- 22:00:01 - <Info> - Running in live mode, activating unix socket
|
|
6/11/2019 -- 22:00:08 - <Info> - 1 rule files processed. 20229 rules successfully loaded, 0 rules failed
|
|
6/11/2019 -- 22:00:08 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
6/11/2019 -- 22:00:08 - <Info> - 20232 signatures processed. 1044 are IP-only rules, 4813 are inspecting packet payload, 14319 inspect application layer, 0 are decoder event only
|
|
6/11/2019 -- 22:00:26 - <Info> - Going to use 12 thread(s)
|
|
6/11/2019 -- 22:00:26 - <Info> - Running in live mode, activating unix socket
|
|
6/11/2019 -- 22:00:26 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
6/11/2019 -- 22:00:26 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
6/11/2019 -- 22:00:26 - <Info> - All AFP capture threads are running.
|
|
7/11/2019 -- 07:20:20 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
7/11/2019 -- 07:20:20 - <Info> - CPUs/cores online: 12
|
|
7/11/2019 -- 07:20:20 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
7/11/2019 -- 07:20:20 - <Info> - Running in live mode, activating unix socket
|
|
7/11/2019 -- 07:20:27 - <Info> - 1 rule files processed. 20229 rules successfully loaded, 0 rules failed
|
|
7/11/2019 -- 07:20:28 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
7/11/2019 -- 07:20:28 - <Info> - 20232 signatures processed. 1044 are IP-only rules, 4813 are inspecting packet payload, 14319 inspect application layer, 0 are decoder event only
|
|
7/11/2019 -- 07:20:45 - <Info> - Going to use 12 thread(s)
|
|
7/11/2019 -- 07:20:45 - <Info> - Running in live mode, activating unix socket
|
|
7/11/2019 -- 07:20:45 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
7/11/2019 -- 07:20:45 - <Info> - Created socket directory /var/run/suricata/
|
|
7/11/2019 -- 07:20:45 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
7/11/2019 -- 07:20:45 - <Info> - All AFP capture threads are running.
|
|
7/11/2019 -- 13:53:56 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:8 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
7/11/2019 -- 13:53:56 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
7/11/2019 -- 13:53:56 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 186
|
|
7/11/2019 -- 13:54:00 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
7/11/2019 -- 13:54:00 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 10213
|
|
7/11/2019 -- 13:54:06 - <Error> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - Loading signatures failed.
|
|
7/11/2019 -- 13:59:22 - <Notice> - Signal Received. Stopping engine.
|
|
7/11/2019 -- 13:59:22 - <Info> - time elapsed 23917.387s
|
|
7/11/2019 -- 13:59:29 - <Info> - Alerts: 0
|
|
7/11/2019 -- 13:59:33 - <Info> - cleaning up signature grouping structure... complete
|
|
7/11/2019 -- 13:59:33 - <Notice> - Stats for 'eno4': pkts: 7900469430, drop: 1844773668 (23.35%), invalid chksum: 371
|
|
7/11/2019 -- 14:00:07 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
7/11/2019 -- 14:00:07 - <Info> - CPUs/cores online: 12
|
|
7/11/2019 -- 14:00:07 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
7/11/2019 -- 14:00:07 - <Info> - Running in live mode, activating unix socket
|
|
7/11/2019 -- 14:00:14 - <Info> - 1 rule files processed. 20229 rules successfully loaded, 0 rules failed
|
|
7/11/2019 -- 14:00:14 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
7/11/2019 -- 14:00:14 - <Info> - 20232 signatures processed. 1044 are IP-only rules, 4813 are inspecting packet payload, 14319 inspect application layer, 0 are decoder event only
|
|
7/11/2019 -- 14:00:32 - <Info> - Going to use 12 thread(s)
|
|
7/11/2019 -- 14:00:32 - <Info> - Running in live mode, activating unix socket
|
|
7/11/2019 -- 14:00:32 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
7/11/2019 -- 14:00:32 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
7/11/2019 -- 14:00:32 - <Info> - All AFP capture threads are running.
|
|
7/11/2019 -- 14:10:16 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:9 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
7/11/2019 -- 14:10:16 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
7/11/2019 -- 14:10:16 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 191
|
|
7/11/2019 -- 14:10:21 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
7/11/2019 -- 14:10:21 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 10353
|
|
7/11/2019 -- 14:10:27 - <Error> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - Loading signatures failed.
|
|
7/11/2019 -- 14:20:29 - <Notice> - Signal Received. Stopping engine.
|
|
7/11/2019 -- 14:20:29 - <Info> - time elapsed 1197.451s
|
|
7/11/2019 -- 14:20:31 - <Info> - Alerts: 0
|
|
7/11/2019 -- 14:20:31 - <Info> - cleaning up signature grouping structure... complete
|
|
7/11/2019 -- 14:20:31 - <Notice> - Stats for 'eno4': pkts: 380945736, drop: 73490120 (19.29%), invalid chksum: 0
|
|
7/11/2019 -- 14:20:31 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
7/11/2019 -- 14:20:31 - <Info> - CPUs/cores online: 12
|
|
7/11/2019 -- 14:20:31 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
7/11/2019 -- 14:20:31 - <Info> - Running in live mode, activating unix socket
|
|
7/11/2019 -- 14:20:39 - <Info> - 1 rule files processed. 20229 rules successfully loaded, 0 rules failed
|
|
7/11/2019 -- 14:20:39 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
7/11/2019 -- 14:20:39 - <Info> - 20232 signatures processed. 1044 are IP-only rules, 4813 are inspecting packet payload, 14319 inspect application layer, 0 are decoder event only
|
|
7/11/2019 -- 14:20:56 - <Info> - Going to use 12 thread(s)
|
|
7/11/2019 -- 14:20:56 - <Info> - Running in live mode, activating unix socket
|
|
7/11/2019 -- 14:20:56 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
7/11/2019 -- 14:20:56 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
7/11/2019 -- 14:20:57 - <Info> - All AFP capture threads are running.
|
|
7/11/2019 -- 14:23:15 - <Notice> - Signal Received. Stopping engine.
|
|
7/11/2019 -- 14:23:15 - <Info> - time elapsed 138.962s
|
|
7/11/2019 -- 14:23:16 - <Info> - Alerts: 0
|
|
7/11/2019 -- 14:23:16 - <Info> - cleaning up signature grouping structure... complete
|
|
7/11/2019 -- 14:23:16 - <Notice> - Stats for 'eno4': pkts: 39811595, drop: 7042277 (17.69%), invalid chksum: 0
|
|
7/11/2019 -- 14:23:49 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
7/11/2019 -- 14:23:49 - <Info> - CPUs/cores online: 12
|
|
7/11/2019 -- 14:23:49 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
7/11/2019 -- 14:23:49 - <Info> - Running in live mode, activating unix socket
|
|
7/11/2019 -- 14:23:56 - <Info> - 1 rule files processed. 20229 rules successfully loaded, 0 rules failed
|
|
7/11/2019 -- 14:23:56 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
7/11/2019 -- 14:23:56 - <Info> - 20232 signatures processed. 1044 are IP-only rules, 4813 are inspecting packet payload, 14319 inspect application layer, 0 are decoder event only
|
|
7/11/2019 -- 14:24:14 - <Info> - Going to use 12 thread(s)
|
|
7/11/2019 -- 14:24:14 - <Info> - Running in live mode, activating unix socket
|
|
7/11/2019 -- 14:24:14 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
7/11/2019 -- 14:24:14 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
7/11/2019 -- 14:24:14 - <Info> - All AFP capture threads are running.
|
|
7/11/2019 -- 21:00:51 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
7/11/2019 -- 21:00:51 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
7/11/2019 -- 21:00:51 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
7/11/2019 -- 21:00:55 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
7/11/2019 -- 21:00:55 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11499
|
|
7/11/2019 -- 21:01:02 - <Error> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - Loading signatures failed.
|
|
8/11/2019 -- 08:27:57 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
8/11/2019 -- 08:27:57 - <Info> - CPUs/cores online: 12
|
|
8/11/2019 -- 08:27:57 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
8/11/2019 -- 08:27:57 - <Info> - Running in live mode, activating unix socket
|
|
8/11/2019 -- 08:28:04 - <Info> - 1 rule files processed. 20229 rules successfully loaded, 0 rules failed
|
|
8/11/2019 -- 08:28:04 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
8/11/2019 -- 08:28:04 - <Info> - 20232 signatures processed. 1044 are IP-only rules, 4813 are inspecting packet payload, 14319 inspect application layer, 0 are decoder event only
|
|
8/11/2019 -- 08:28:22 - <Info> - Going to use 12 thread(s)
|
|
8/11/2019 -- 08:28:23 - <Info> - Running in live mode, activating unix socket
|
|
8/11/2019 -- 08:28:23 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
8/11/2019 -- 08:28:23 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
8/11/2019 -- 08:28:23 - <Info> - All AFP capture threads are running.
|
|
8/11/2019 -- 21:00:44 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
8/11/2019 -- 21:00:44 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
8/11/2019 -- 21:00:44 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
8/11/2019 -- 21:00:46 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
8/11/2019 -- 21:00:46 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11500
|
|
8/11/2019 -- 21:00:51 - <Error> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - Loading signatures failed.
|
|
9/11/2019 -- 21:00:19 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
9/11/2019 -- 21:00:19 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
9/11/2019 -- 21:00:19 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
9/11/2019 -- 21:00:22 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
9/11/2019 -- 21:00:22 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11501
|
|
9/11/2019 -- 21:00:26 - <Error> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - Loading signatures failed.
|
|
10/11/2019 -- 21:00:16 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
10/11/2019 -- 21:00:16 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
10/11/2019 -- 21:00:16 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
10/11/2019 -- 21:00:19 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
10/11/2019 -- 21:00:19 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11501
|
|
10/11/2019 -- 21:00:23 - <Error> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - Loading signatures failed.
|
|
11/11/2019 -- 07:29:37 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
11/11/2019 -- 07:29:37 - <Info> - CPUs/cores online: 12
|
|
11/11/2019 -- 07:29:37 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
11/11/2019 -- 07:29:37 - <Info> - Running in live mode, activating unix socket
|
|
11/11/2019 -- 07:29:44 - <Info> - 1 rule files processed. 20229 rules successfully loaded, 0 rules failed
|
|
11/11/2019 -- 07:29:44 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
11/11/2019 -- 07:29:45 - <Info> - 20232 signatures processed. 1044 are IP-only rules, 4813 are inspecting packet payload, 14319 inspect application layer, 0 are decoder event only
|
|
11/11/2019 -- 07:30:02 - <Info> - Going to use 12 thread(s)
|
|
11/11/2019 -- 07:30:02 - <Info> - Running in live mode, activating unix socket
|
|
11/11/2019 -- 07:30:02 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
11/11/2019 -- 07:30:02 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
11/11/2019 -- 07:30:03 - <Info> - All AFP capture threads are running.
|
|
11/11/2019 -- 07:31:51 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
11/11/2019 -- 07:31:51 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
11/11/2019 -- 07:31:51 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
11/11/2019 -- 07:31:55 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
11/11/2019 -- 07:31:55 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11501
|
|
11/11/2019 -- 07:32:01 - <Error> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - Loading signatures failed.
|
|
12/11/2019 -- 12:25:50 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
12/11/2019 -- 12:25:50 - <Info> - CPUs/cores online: 12
|
|
12/11/2019 -- 12:25:50 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
12/11/2019 -- 12:25:50 - <Info> - Running in live mode, activating unix socket
|
|
12/11/2019 -- 12:25:50 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
12/11/2019 -- 12:25:50 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
12/11/2019 -- 12:25:50 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
12/11/2019 -- 12:25:53 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
12/11/2019 -- 12:25:53 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11506
|
|
12/11/2019 -- 12:25:58 - <Info> - 1 rule files processed. 23579 rules successfully loaded, 121 rules failed
|
|
12/11/2019 -- 12:25:58 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
12/11/2019 -- 12:25:58 - <Info> - 23583 signatures processed. 1053 are IP-only rules, 5087 are inspecting packet payload, 17347 inspect application layer, 0 are decoder event only
|
|
12/11/2019 -- 12:26:16 - <Info> - Going to use 12 thread(s)
|
|
12/11/2019 -- 12:26:16 - <Info> - Running in live mode, activating unix socket
|
|
12/11/2019 -- 12:26:16 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
12/11/2019 -- 12:26:16 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
12/11/2019 -- 12:26:17 - <Info> - All AFP capture threads are running.
|
|
14/11/2019 -- 07:52:55 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
14/11/2019 -- 07:52:55 - <Info> - CPUs/cores online: 12
|
|
14/11/2019 -- 07:52:55 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
14/11/2019 -- 07:52:55 - <Info> - Running in live mode, activating unix socket
|
|
14/11/2019 -- 07:52:55 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
14/11/2019 -- 07:52:55 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
14/11/2019 -- 07:52:55 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
14/11/2019 -- 07:52:58 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
14/11/2019 -- 07:52:58 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11506
|
|
14/11/2019 -- 07:53:02 - <Info> - 1 rule files processed. 23579 rules successfully loaded, 121 rules failed
|
|
14/11/2019 -- 07:53:02 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
14/11/2019 -- 07:53:03 - <Info> - 23583 signatures processed. 1053 are IP-only rules, 5087 are inspecting packet payload, 17347 inspect application layer, 0 are decoder event only
|
|
14/11/2019 -- 07:53:21 - <Info> - Going to use 12 thread(s)
|
|
14/11/2019 -- 07:53:21 - <Info> - Running in live mode, activating unix socket
|
|
14/11/2019 -- 07:53:21 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
14/11/2019 -- 07:53:21 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
14/11/2019 -- 07:53:21 - <Notice> - Signal Received. Stopping engine.
|
|
14/11/2019 -- 07:53:21 - <Info> - All AFP capture threads are running.
|
|
14/11/2019 -- 07:53:21 - <Info> - time elapsed 0.208s
|
|
14/11/2019 -- 07:53:21 - <Info> - Alerts: 0
|
|
14/11/2019 -- 07:53:22 - <Info> - cleaning up signature grouping structure... complete
|
|
14/11/2019 -- 07:53:22 - <Notice> - Stats for 'eno4': pkts: 159683, drop: 156865 (98.24%), invalid chksum: 0
|
|
14/11/2019 -- 07:53:30 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
14/11/2019 -- 07:53:30 - <Info> - CPUs/cores online: 12
|
|
14/11/2019 -- 07:53:30 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
14/11/2019 -- 07:53:30 - <Info> - Running in live mode, activating unix socket
|
|
14/11/2019 -- 07:53:30 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
14/11/2019 -- 07:53:30 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
14/11/2019 -- 07:53:30 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
14/11/2019 -- 07:53:33 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
14/11/2019 -- 07:53:33 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11506
|
|
14/11/2019 -- 07:53:38 - <Info> - 1 rule files processed. 23579 rules successfully loaded, 121 rules failed
|
|
14/11/2019 -- 07:53:38 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
14/11/2019 -- 07:53:38 - <Info> - 23583 signatures processed. 1053 are IP-only rules, 5087 are inspecting packet payload, 17347 inspect application layer, 0 are decoder event only
|
|
14/11/2019 -- 07:53:57 - <Info> - Going to use 12 thread(s)
|
|
14/11/2019 -- 07:53:57 - <Info> - Running in live mode, activating unix socket
|
|
14/11/2019 -- 07:53:57 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
14/11/2019 -- 07:53:57 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
14/11/2019 -- 07:53:57 - <Info> - All AFP capture threads are running.
|
|
15/11/2019 -- 07:54:23 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
15/11/2019 -- 07:54:23 - <Info> - CPUs/cores online: 12
|
|
15/11/2019 -- 07:54:23 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
15/11/2019 -- 07:54:23 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 07:54:23 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
15/11/2019 -- 07:54:23 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
15/11/2019 -- 07:54:23 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
15/11/2019 -- 07:54:26 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
15/11/2019 -- 07:54:26 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11515
|
|
15/11/2019 -- 07:54:30 - <Info> - 1 rule files processed. 23599 rules successfully loaded, 121 rules failed
|
|
15/11/2019 -- 07:54:30 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
15/11/2019 -- 07:54:31 - <Info> - 23603 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17369 inspect application layer, 0 are decoder event only
|
|
15/11/2019 -- 07:54:49 - <Info> - Going to use 12 thread(s)
|
|
15/11/2019 -- 07:54:49 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 07:54:49 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
15/11/2019 -- 07:54:49 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
15/11/2019 -- 07:54:49 - <Info> - All AFP capture threads are running.
|
|
15/11/2019 -- 08:09:57 - <Notice> - Signal Received. Stopping engine.
|
|
15/11/2019 -- 08:09:58 - <Info> - time elapsed 909.302s
|
|
15/11/2019 -- 08:09:59 - <Info> - Alerts: 0
|
|
15/11/2019 -- 08:10:00 - <Info> - cleaning up signature grouping structure... complete
|
|
15/11/2019 -- 08:10:00 - <Notice> - Stats for 'eno4': pkts: 311728971, drop: 97755791 (31.36%), invalid chksum: 0
|
|
15/11/2019 -- 08:10:06 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
15/11/2019 -- 08:10:06 - <Info> - CPUs/cores online: 12
|
|
15/11/2019 -- 08:10:06 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
15/11/2019 -- 08:10:06 - <Warning> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - JA3 is disabled, skipping fields
|
|
15/11/2019 -- 08:10:06 - <Warning> - [ERRCODE: SC_WARN_DUPLICATE_OUTPUT(296)] - Both 'certificate' and 'chain' contains the top certificate, so only one of them should be enabled at a time
|
|
15/11/2019 -- 08:10:06 - <Warning> - [ERRCODE: SC_WARN_DUPLICATE_OUTPUT(296)] - Both 'certificate' and 'chain' contains the top certificate, so only one of them should be enabled at a time
|
|
15/11/2019 -- 08:10:06 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 08:10:06 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
15/11/2019 -- 08:10:06 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
15/11/2019 -- 08:10:06 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
15/11/2019 -- 08:10:09 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
15/11/2019 -- 08:10:09 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11515
|
|
15/11/2019 -- 08:10:13 - <Info> - 1 rule files processed. 23599 rules successfully loaded, 121 rules failed
|
|
15/11/2019 -- 08:10:13 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
15/11/2019 -- 08:10:14 - <Info> - 23603 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17369 inspect application layer, 0 are decoder event only
|
|
15/11/2019 -- 08:10:32 - <Info> - Going to use 12 thread(s)
|
|
15/11/2019 -- 08:10:32 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 08:10:32 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
15/11/2019 -- 08:10:32 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
15/11/2019 -- 08:10:32 - <Info> - All AFP capture threads are running.
|
|
15/11/2019 -- 08:10:47 - <Notice> - Signal Received. Stopping engine.
|
|
15/11/2019 -- 08:10:48 - <Info> - time elapsed 15.621s
|
|
15/11/2019 -- 08:10:48 - <Info> - Alerts: 0
|
|
15/11/2019 -- 08:10:48 - <Info> - cleaning up signature grouping structure... complete
|
|
15/11/2019 -- 08:10:48 - <Notice> - Stats for 'eno4': pkts: 3956510, drop: 518792 (13.11%), invalid chksum: 0
|
|
15/11/2019 -- 08:16:50 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
15/11/2019 -- 08:16:50 - <Info> - CPUs/cores online: 12
|
|
15/11/2019 -- 08:16:50 - <Warning> - [ERRCODE: SC_WARN_NO_JA3_SUPPORT(308)] - no MD5 calculation support built in (LibNSS), disabling JA3
|
|
15/11/2019 -- 08:16:50 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
15/11/2019 -- 08:16:50 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 08:16:50 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
15/11/2019 -- 08:16:50 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
15/11/2019 -- 08:16:50 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
15/11/2019 -- 08:16:53 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
15/11/2019 -- 08:16:53 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11515
|
|
15/11/2019 -- 08:16:57 - <Info> - 1 rule files processed. 23599 rules successfully loaded, 121 rules failed
|
|
15/11/2019 -- 08:16:57 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
15/11/2019 -- 08:16:57 - <Info> - 23603 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17369 inspect application layer, 0 are decoder event only
|
|
15/11/2019 -- 08:17:15 - <Info> - Going to use 12 thread(s)
|
|
15/11/2019 -- 08:17:15 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 08:17:15 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
15/11/2019 -- 08:17:15 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
15/11/2019 -- 08:17:16 - <Info> - All AFP capture threads are running.
|
|
15/11/2019 -- 10:26:23 - <Notice> - Signal Received. Stopping engine.
|
|
15/11/2019 -- 10:26:23 - <Info> - time elapsed 7748.107s
|
|
15/11/2019 -- 10:26:28 - <Info> - Alerts: 0
|
|
15/11/2019 -- 10:26:29 - <Info> - cleaning up signature grouping structure... complete
|
|
15/11/2019 -- 10:26:29 - <Notice> - Stats for 'eno4': pkts: 2678519054, drop: 882103332 (32.93%), invalid chksum: 5
|
|
15/11/2019 -- 10:26:47 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
15/11/2019 -- 10:26:47 - <Info> - CPUs/cores online: 12
|
|
15/11/2019 -- 10:26:47 - <Warning> - [ERRCODE: SC_WARN_NO_JA3_SUPPORT(308)] - no MD5 calculation support built in (LibNSS), disabling JA3
|
|
15/11/2019 -- 10:26:47 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
15/11/2019 -- 10:26:47 - <Warning> - [ERRCODE: SC_WARN_DEPRECATED(203)] - File-store v1 has been deprecated and will be removed by June 2020. Please update to file-store v2.
|
|
15/11/2019 -- 10:26:47 - <Info> - forcing magic lookup for stored files
|
|
15/11/2019 -- 10:26:47 - <Info> - md5 calculation requires linking against libnss
|
|
15/11/2019 -- 10:26:47 - <Info> - storing files in /var/log/suricata//files
|
|
15/11/2019 -- 10:26:47 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:26:47 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
15/11/2019 -- 10:26:47 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
15/11/2019 -- 10:26:47 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
15/11/2019 -- 10:26:50 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
15/11/2019 -- 10:26:50 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11515
|
|
15/11/2019 -- 10:26:54 - <Info> - 1 rule files processed. 23599 rules successfully loaded, 121 rules failed
|
|
15/11/2019 -- 10:26:54 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
15/11/2019 -- 10:26:55 - <Info> - 23603 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17369 inspect application layer, 0 are decoder event only
|
|
15/11/2019 -- 10:27:13 - <Info> - Going to use 12 thread(s)
|
|
15/11/2019 -- 10:27:13 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:27:13 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
15/11/2019 -- 10:27:13 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
15/11/2019 -- 10:27:13 - <Info> - All AFP capture threads are running.
|
|
15/11/2019 -- 10:33:05 - <Notice> - Signal Received. Stopping engine.
|
|
15/11/2019 -- 10:33:07 - <Info> - time elapsed 353.911s
|
|
15/11/2019 -- 10:33:07 - <Info> - (W#01-eno4) Files extracted 0
|
|
15/11/2019 -- 10:33:07 - <Info> - (W#02-eno4) Files extracted 0
|
|
15/11/2019 -- 10:33:07 - <Info> - (W#03-eno4) Files extracted 0
|
|
15/11/2019 -- 10:33:07 - <Info> - (W#04-eno4) Files extracted 0
|
|
15/11/2019 -- 10:33:07 - <Info> - (W#05-eno4) Files extracted 0
|
|
15/11/2019 -- 10:33:07 - <Info> - (W#06-eno4) Files extracted 0
|
|
15/11/2019 -- 10:33:08 - <Info> - (W#07-eno4) Files extracted 0
|
|
15/11/2019 -- 10:33:08 - <Info> - (W#08-eno4) Files extracted 0
|
|
15/11/2019 -- 10:33:08 - <Info> - (W#09-eno4) Files extracted 0
|
|
15/11/2019 -- 10:33:08 - <Info> - (W#10-eno4) Files extracted 0
|
|
15/11/2019 -- 10:33:08 - <Info> - (W#11-eno4) Files extracted 0
|
|
15/11/2019 -- 10:33:08 - <Info> - (W#12-eno4) Files extracted 0
|
|
15/11/2019 -- 10:33:08 - <Info> - Alerts: 0
|
|
15/11/2019 -- 10:33:08 - <Info> - cleaning up signature grouping structure... complete
|
|
15/11/2019 -- 10:33:08 - <Notice> - Stats for 'eno4': pkts: 129455466, drop: 44975847 (34.74%), invalid chksum: 0
|
|
15/11/2019 -- 10:33:58 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
15/11/2019 -- 10:33:58 - <Info> - CPUs/cores online: 12
|
|
15/11/2019 -- 10:33:58 - <Warning> - [ERRCODE: SC_WARN_NO_JA3_SUPPORT(308)] - no MD5 calculation support built in (LibNSS), disabling JA3
|
|
15/11/2019 -- 10:33:59 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
15/11/2019 -- 10:33:59 - <Warning> - [ERRCODE: SC_WARN_DEPRECATED(203)] - File-store v1 has been deprecated and will be removed by June 2020. Please update to file-store v2.
|
|
15/11/2019 -- 10:33:59 - <Info> - forcing magic lookup for stored files
|
|
15/11/2019 -- 10:33:59 - <Info> - md5 calculation requires linking against libnss
|
|
15/11/2019 -- 10:33:59 - <Info> - storing files in /var/log/suricata//files
|
|
15/11/2019 -- 10:33:59 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:33:59 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:33:59 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
15/11/2019 -- 10:33:59 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
15/11/2019 -- 10:33:59 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
15/11/2019 -- 10:34:02 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
15/11/2019 -- 10:34:02 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11515
|
|
15/11/2019 -- 10:34:06 - <Info> - 1 rule files processed. 23599 rules successfully loaded, 121 rules failed
|
|
15/11/2019 -- 10:34:06 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
15/11/2019 -- 10:34:06 - <Info> - 23603 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17369 inspect application layer, 0 are decoder event only
|
|
15/11/2019 -- 10:34:24 - <Info> - Going to use 12 thread(s)
|
|
15/11/2019 -- 10:34:24 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:34:24 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
15/11/2019 -- 10:34:24 - <Notice> - all 12 packet processing threads, 4 management threads initialized, engine started.
|
|
15/11/2019 -- 10:34:25 - <Info> - All AFP capture threads are running.
|
|
15/11/2019 -- 10:34:54 - <Notice> - Signal Received. Stopping engine.
|
|
15/11/2019 -- 10:34:55 - <Info> - time elapsed 30.558s
|
|
15/11/2019 -- 10:34:55 - <Info> - (W#01-eno4) Files extracted 0
|
|
15/11/2019 -- 10:34:55 - <Info> - (W#02-eno4) Files extracted 0
|
|
15/11/2019 -- 10:34:55 - <Info> - (W#03-eno4) Files extracted 0
|
|
15/11/2019 -- 10:34:55 - <Info> - (W#04-eno4) Files extracted 0
|
|
15/11/2019 -- 10:34:55 - <Info> - (W#05-eno4) Files extracted 0
|
|
15/11/2019 -- 10:34:55 - <Info> - (W#06-eno4) Files extracted 0
|
|
15/11/2019 -- 10:34:55 - <Info> - (W#07-eno4) Files extracted 0
|
|
15/11/2019 -- 10:34:55 - <Info> - (W#08-eno4) Files extracted 0
|
|
15/11/2019 -- 10:34:55 - <Info> - (W#09-eno4) Files extracted 0
|
|
15/11/2019 -- 10:34:55 - <Info> - (W#10-eno4) Files extracted 0
|
|
15/11/2019 -- 10:34:55 - <Info> - (W#11-eno4) Files extracted 0
|
|
15/11/2019 -- 10:34:55 - <Info> - (W#12-eno4) Files extracted 0
|
|
15/11/2019 -- 10:34:55 - <Info> - Alerts: 137
|
|
15/11/2019 -- 10:34:56 - <Info> - cleaning up signature grouping structure... complete
|
|
15/11/2019 -- 10:34:56 - <Notice> - Stats for 'eno4': pkts: 9039507, drop: 1327672 (14.69%), invalid chksum: 0
|
|
15/11/2019 -- 10:35:37 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
15/11/2019 -- 10:35:37 - <Info> - CPUs/cores online: 12
|
|
15/11/2019 -- 10:35:37 - <Warning> - [ERRCODE: SC_WARN_NO_JA3_SUPPORT(308)] - no MD5 calculation support built in (LibNSS), disabling JA3
|
|
15/11/2019 -- 10:35:37 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
15/11/2019 -- 10:35:37 - <Warning> - [ERRCODE: SC_WARN_DEPRECATED(203)] - File-store v1 has been deprecated and will be removed by June 2020. Please update to file-store v2.
|
|
15/11/2019 -- 10:35:37 - <Info> - forcing magic lookup for stored files
|
|
15/11/2019 -- 10:35:37 - <Info> - md5 calculation requires linking against libnss
|
|
15/11/2019 -- 10:35:37 - <Info> - storing files in /var/log/suricata//files
|
|
15/11/2019 -- 10:35:37 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:35:37 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:35:37 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
15/11/2019 -- 10:35:37 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
15/11/2019 -- 10:35:37 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
15/11/2019 -- 10:35:40 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
15/11/2019 -- 10:35:40 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11515
|
|
15/11/2019 -- 10:35:44 - <Info> - 1 rule files processed. 23599 rules successfully loaded, 121 rules failed
|
|
15/11/2019 -- 10:35:44 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
15/11/2019 -- 10:35:44 - <Info> - 23603 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17369 inspect application layer, 0 are decoder event only
|
|
15/11/2019 -- 10:36:03 - <Info> - Going to use 12 thread(s)
|
|
15/11/2019 -- 10:36:03 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:36:03 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
15/11/2019 -- 10:36:03 - <Notice> - all 12 packet processing threads, 4 management threads initialized, engine started.
|
|
15/11/2019 -- 10:36:03 - <Info> - All AFP capture threads are running.
|
|
15/11/2019 -- 10:36:33 - <Notice> - Signal Received. Stopping engine.
|
|
15/11/2019 -- 10:36:34 - <Info> - time elapsed 31.043s
|
|
15/11/2019 -- 10:36:34 - <Info> - (W#01-eno4) Files extracted 0
|
|
15/11/2019 -- 10:36:34 - <Info> - (W#02-eno4) Files extracted 0
|
|
15/11/2019 -- 10:36:34 - <Info> - (W#03-eno4) Files extracted 0
|
|
15/11/2019 -- 10:36:34 - <Info> - (W#04-eno4) Files extracted 0
|
|
15/11/2019 -- 10:36:34 - <Info> - (W#05-eno4) Files extracted 0
|
|
15/11/2019 -- 10:36:34 - <Info> - (W#06-eno4) Files extracted 0
|
|
15/11/2019 -- 10:36:34 - <Info> - (W#07-eno4) Files extracted 0
|
|
15/11/2019 -- 10:36:34 - <Info> - (W#08-eno4) Files extracted 0
|
|
15/11/2019 -- 10:36:34 - <Info> - (W#09-eno4) Files extracted 0
|
|
15/11/2019 -- 10:36:34 - <Info> - (W#10-eno4) Files extracted 0
|
|
15/11/2019 -- 10:36:34 - <Info> - (W#11-eno4) Files extracted 0
|
|
15/11/2019 -- 10:36:34 - <Info> - (W#12-eno4) Files extracted 0
|
|
15/11/2019 -- 10:36:34 - <Info> - Alerts: 149
|
|
15/11/2019 -- 10:36:35 - <Info> - cleaning up signature grouping structure... complete
|
|
15/11/2019 -- 10:36:35 - <Notice> - Stats for 'eno4': pkts: 13492082, drop: 7107714 (52.68%), invalid chksum: 0
|
|
15/11/2019 -- 10:38:10 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
15/11/2019 -- 10:38:10 - <Info> - CPUs/cores online: 12
|
|
15/11/2019 -- 10:38:10 - <Warning> - [ERRCODE: SC_WARN_NO_JA3_SUPPORT(308)] - no MD5 calculation support built in (LibNSS), disabling JA3
|
|
15/11/2019 -- 10:38:10 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
15/11/2019 -- 10:38:10 - <Warning> - [ERRCODE: SC_WARN_DEPRECATED(203)] - File-store v1 has been deprecated and will be removed by June 2020. Please update to file-store v2.
|
|
15/11/2019 -- 10:38:10 - <Info> - forcing magic lookup for stored files
|
|
15/11/2019 -- 10:38:10 - <Info> - md5 calculation requires linking against libnss
|
|
15/11/2019 -- 10:38:10 - <Info> - storing files in /var/log/suricata//files
|
|
15/11/2019 -- 10:38:10 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:38:10 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:38:10 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
15/11/2019 -- 10:38:10 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
15/11/2019 -- 10:38:10 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
15/11/2019 -- 10:38:13 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
15/11/2019 -- 10:38:13 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11515
|
|
15/11/2019 -- 10:38:17 - <Info> - 1 rule files processed. 23599 rules successfully loaded, 121 rules failed
|
|
15/11/2019 -- 10:38:17 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
15/11/2019 -- 10:38:18 - <Info> - 23603 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17369 inspect application layer, 0 are decoder event only
|
|
15/11/2019 -- 10:38:36 - <Error> - [ERRCODE: SC_ERR_AFP_CREATE(190)] - Unable to find type for iface "eth0": No such device
|
|
15/11/2019 -- 10:38:36 - <Info> - Going to use 12 thread(s)
|
|
15/11/2019 -- 10:38:36 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:38:36 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
15/11/2019 -- 10:38:36 - <Notice> - all 12 packet processing threads, 4 management threads initialized, engine started.
|
|
15/11/2019 -- 10:38:36 - <Error> - [ERRCODE: SC_ERR_AFP_CREATE(190)] - Unable to find iface eth0: No such device
|
|
15/11/2019 -- 10:38:36 - <Error> - [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
|
|
15/11/2019 -- 10:38:36 - <Error> - [ERRCODE: SC_ERR_FATAL(171)] - thread W#01-eth0 failed
|
|
15/11/2019 -- 10:39:08 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
15/11/2019 -- 10:39:08 - <Info> - CPUs/cores online: 12
|
|
15/11/2019 -- 10:39:08 - <Warning> - [ERRCODE: SC_WARN_NO_JA3_SUPPORT(308)] - no MD5 calculation support built in (LibNSS), disabling JA3
|
|
15/11/2019 -- 10:39:08 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
15/11/2019 -- 10:39:08 - <Warning> - [ERRCODE: SC_WARN_DEPRECATED(203)] - File-store v1 has been deprecated and will be removed by June 2020. Please update to file-store v2.
|
|
15/11/2019 -- 10:39:08 - <Info> - forcing magic lookup for stored files
|
|
15/11/2019 -- 10:39:08 - <Info> - md5 calculation requires linking against libnss
|
|
15/11/2019 -- 10:39:08 - <Info> - storing files in /var/log/suricata//files
|
|
15/11/2019 -- 10:39:08 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:39:08 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:39:08 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
15/11/2019 -- 10:39:08 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
15/11/2019 -- 10:39:08 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
15/11/2019 -- 10:39:11 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
15/11/2019 -- 10:39:11 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11515
|
|
15/11/2019 -- 10:39:15 - <Info> - 1 rule files processed. 23599 rules successfully loaded, 121 rules failed
|
|
15/11/2019 -- 10:39:15 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
15/11/2019 -- 10:39:16 - <Info> - 23603 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17369 inspect application layer, 0 are decoder event only
|
|
15/11/2019 -- 10:39:34 - <Error> - [ERRCODE: SC_ERR_AFP_CREATE(190)] - Unable to find type for iface "eth0": No such device
|
|
15/11/2019 -- 10:39:34 - <Info> - Going to use 12 thread(s)
|
|
15/11/2019 -- 10:39:34 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:39:34 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
15/11/2019 -- 10:39:34 - <Notice> - all 12 packet processing threads, 4 management threads initialized, engine started.
|
|
15/11/2019 -- 10:39:34 - <Error> - [ERRCODE: SC_ERR_AFP_CREATE(190)] - Unable to find iface eth0: No such device
|
|
15/11/2019 -- 10:39:34 - <Error> - [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
|
|
15/11/2019 -- 10:39:34 - <Error> - [ERRCODE: SC_ERR_FATAL(171)] - thread W#01-eth0 failed
|
|
15/11/2019 -- 10:39:52 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
15/11/2019 -- 10:39:52 - <Info> - CPUs/cores online: 12
|
|
15/11/2019 -- 10:39:52 - <Warning> - [ERRCODE: SC_WARN_NO_JA3_SUPPORT(308)] - no MD5 calculation support built in (LibNSS), disabling JA3
|
|
15/11/2019 -- 10:39:52 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
15/11/2019 -- 10:39:52 - <Warning> - [ERRCODE: SC_WARN_DEPRECATED(203)] - File-store v1 has been deprecated and will be removed by June 2020. Please update to file-store v2.
|
|
15/11/2019 -- 10:39:52 - <Info> - forcing magic lookup for stored files
|
|
15/11/2019 -- 10:39:52 - <Info> - md5 calculation requires linking against libnss
|
|
15/11/2019 -- 10:39:52 - <Info> - storing files in /var/log/suricata//files
|
|
15/11/2019 -- 10:39:52 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:39:52 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:39:52 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
15/11/2019 -- 10:39:52 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
15/11/2019 -- 10:39:52 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
15/11/2019 -- 10:39:55 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
15/11/2019 -- 10:39:55 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11515
|
|
15/11/2019 -- 10:40:00 - <Info> - 1 rule files processed. 23599 rules successfully loaded, 121 rules failed
|
|
15/11/2019 -- 10:40:00 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
15/11/2019 -- 10:40:00 - <Info> - 23603 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17369 inspect application layer, 0 are decoder event only
|
|
15/11/2019 -- 10:40:18 - <Info> - Going to use 12 thread(s)
|
|
15/11/2019 -- 10:40:18 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:40:18 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
15/11/2019 -- 10:40:18 - <Notice> - all 12 packet processing threads, 4 management threads initialized, engine started.
|
|
15/11/2019 -- 10:40:19 - <Info> - All AFP capture threads are running.
|
|
15/11/2019 -- 10:46:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
15/11/2019 -- 10:46:01 - <Info> - CPUs/cores online: 12
|
|
15/11/2019 -- 10:46:01 - <Warning> - [ERRCODE: SC_WARN_NO_JA3_SUPPORT(308)] - no MD5 calculation support built in (LibNSS), disabling JA3
|
|
15/11/2019 -- 10:46:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
15/11/2019 -- 10:46:02 - <Warning> - [ERRCODE: SC_WARN_DEPRECATED(203)] - File-store v1 has been deprecated and will be removed by June 2020. Please update to file-store v2.
|
|
15/11/2019 -- 10:46:02 - <Info> - forcing magic lookup for stored files
|
|
15/11/2019 -- 10:46:02 - <Info> - md5 calculation requires linking against libnss
|
|
15/11/2019 -- 10:46:02 - <Info> - storing files in /var/log/suricata//files
|
|
15/11/2019 -- 10:46:02 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:46:02 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:46:02 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
15/11/2019 -- 10:46:02 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3 support is not enabled
|
|
15/11/2019 -- 10:46:02 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET JA3 Hash - [Abuse.ch] Possible Dridex"; ja3_hash; content:"cb98a24ee4b9134448ffb5714fd870ac"; reference:url,sslbl.abuse.ch/ja3-fingerprints/; classtype:unknown; sid:2028766; rev:2; metadata:created_at 2019_10_14, updated_at 2019_10_29;)" from file /var/lib/suricata/rules/suricata.rules at line 217
|
|
15/11/2019 -- 10:46:04 - <Error> - [ERRCODE: SC_WARN_JA3_DISABLED(309)] - ja3(s) support is not enabled
|
|
15/11/2019 -- 10:46:04 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET JA3 Hash - Suspected Cobalt Strike Malleable C2 (ja3s) M1"; flow:established,from_server; ja3s.hash; content:"649d6810e8392f63dc311eecb6b7098b"; tls.cert_subject; content:!"servicebus.windows.net"; flowbits:isset,ET.cobaltstrike.ja3; metadata: former_category JA3; classtype:command-and-control; sid:2028832; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, deployment Perimeter, signature_severity Major, created_at 2019_10_15, malware_family Cobalt_Strike, updated_at 2019_10_15;)" from file /var/lib/suricata/rules/suricata.rules at line 11515
|
|
15/11/2019 -- 10:46:09 - <Info> - 1 rule files processed. 23599 rules successfully loaded, 121 rules failed
|
|
15/11/2019 -- 10:46:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
15/11/2019 -- 10:46:09 - <Info> - 23603 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17369 inspect application layer, 0 are decoder event only
|
|
15/11/2019 -- 10:46:27 - <Info> - Going to use 12 thread(s)
|
|
15/11/2019 -- 10:46:27 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 10:46:27 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
15/11/2019 -- 10:46:27 - <Notice> - all 12 packet processing threads, 4 management threads initialized, engine started.
|
|
15/11/2019 -- 10:46:28 - <Info> - All AFP capture threads are running.
|
|
15/11/2019 -- 14:02:05 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
15/11/2019 -- 14:02:05 - <Info> - CPUs/cores online: 12
|
|
15/11/2019 -- 14:02:05 - <Warning> - [ERRCODE: SC_WARN_NO_JA3_SUPPORT(308)] - no MD5 calculation support built in (LibNSS), disabling JA3
|
|
15/11/2019 -- 14:02:06 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
15/11/2019 -- 14:02:06 - <Warning> - [ERRCODE: SC_WARN_DEPRECATED(203)] - File-store v1 has been deprecated and will be removed by June 2020. Please update to file-store v2.
|
|
15/11/2019 -- 14:02:06 - <Info> - forcing magic lookup for stored files
|
|
15/11/2019 -- 14:02:06 - <Info> - md5 calculation requires linking against libnss
|
|
15/11/2019 -- 14:02:06 - <Info> - storing files in /var/log/suricata//files
|
|
15/11/2019 -- 14:02:06 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 14:02:06 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 14:02:06 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
15/11/2019 -- 14:02:13 - <Info> - 1 rule files processed. 23598 rules successfully loaded, 0 rules failed
|
|
15/11/2019 -- 14:02:13 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
15/11/2019 -- 14:02:13 - <Info> - 23602 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17368 inspect application layer, 0 are decoder event only
|
|
15/11/2019 -- 14:02:31 - <Info> - Going to use 12 thread(s)
|
|
15/11/2019 -- 14:02:32 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 14:02:32 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
15/11/2019 -- 14:02:32 - <Notice> - all 12 packet processing threads, 4 management threads initialized, engine started.
|
|
15/11/2019 -- 14:02:32 - <Info> - All AFP capture threads are running.
|
|
15/11/2019 -- 14:08:05 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
15/11/2019 -- 14:08:05 - <Info> - CPUs/cores online: 12
|
|
15/11/2019 -- 14:08:05 - <Warning> - [ERRCODE: SC_WARN_NO_JA3_SUPPORT(308)] - no MD5 calculation support built in (LibNSS), disabling JA3
|
|
15/11/2019 -- 14:08:05 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
15/11/2019 -- 14:08:05 - <Info> - stats output device (regular) initialized: stats.log
|
|
15/11/2019 -- 14:08:05 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 14:08:05 - <Warning> - [ERRCODE: SC_ERR_UNKNOWN_VALUE(129)] - signature at /var/lib/suricata/rules/suricata.rules:10 uses unknown classtype: "command-and-control", using default priority 3. This message won't be shown again for this classtype
|
|
15/11/2019 -- 14:08:12 - <Info> - 1 rule files processed. 23598 rules successfully loaded, 0 rules failed
|
|
15/11/2019 -- 14:08:12 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
15/11/2019 -- 14:08:12 - <Info> - 23602 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17368 inspect application layer, 0 are decoder event only
|
|
15/11/2019 -- 14:14:10 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
15/11/2019 -- 14:14:10 - <Info> - CPUs/cores online: 12
|
|
15/11/2019 -- 14:14:10 - <Warning> - [ERRCODE: SC_WARN_NO_JA3_SUPPORT(308)] - no MD5 calculation support built in (LibNSS), disabling JA3
|
|
15/11/2019 -- 14:14:10 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
15/11/2019 -- 14:14:10 - <Info> - stats output device (regular) initialized: stats.log
|
|
15/11/2019 -- 14:14:10 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 14:14:17 - <Info> - 1 rule files processed. 23598 rules successfully loaded, 0 rules failed
|
|
15/11/2019 -- 14:14:17 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
15/11/2019 -- 14:14:17 - <Info> - 23602 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17368 inspect application layer, 0 are decoder event only
|
|
15/11/2019 -- 14:14:35 - <Info> - Going to use 12 thread(s)
|
|
15/11/2019 -- 14:14:36 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 14:14:36 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
15/11/2019 -- 14:14:36 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
15/11/2019 -- 14:14:36 - <Info> - All AFP capture threads are running.
|
|
15/11/2019 -- 14:16:05 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
15/11/2019 -- 14:16:05 - <Info> - CPUs/cores online: 12
|
|
15/11/2019 -- 14:16:05 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
15/11/2019 -- 14:16:05 - <Info> - stats output device (regular) initialized: stats.log
|
|
15/11/2019 -- 14:16:05 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 14:16:12 - <Info> - 1 rule files processed. 23598 rules successfully loaded, 0 rules failed
|
|
15/11/2019 -- 14:16:13 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
15/11/2019 -- 14:16:13 - <Info> - 23602 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17368 inspect application layer, 0 are decoder event only
|
|
15/11/2019 -- 14:16:31 - <Info> - Going to use 12 thread(s)
|
|
15/11/2019 -- 14:16:31 - <Info> - Running in live mode, activating unix socket
|
|
15/11/2019 -- 14:16:31 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
15/11/2019 -- 14:16:31 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
15/11/2019 -- 14:16:31 - <Info> - All AFP capture threads are running.
|
|
18/11/2019 -- 07:31:50 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
18/11/2019 -- 07:31:50 - <Info> - CPUs/cores online: 12
|
|
18/11/2019 -- 07:31:50 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
18/11/2019 -- 07:31:50 - <Info> - stats output device (regular) initialized: stats.log
|
|
18/11/2019 -- 07:31:50 - <Info> - Running in live mode, activating unix socket
|
|
18/11/2019 -- 07:31:58 - <Info> - 1 rule files processed. 23598 rules successfully loaded, 0 rules failed
|
|
18/11/2019 -- 07:31:58 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
18/11/2019 -- 07:31:58 - <Info> - 23602 signatures processed. 1050 are IP-only rules, 5088 are inspecting packet payload, 17368 inspect application layer, 0 are decoder event only
|
|
18/11/2019 -- 07:32:17 - <Info> - Going to use 12 thread(s)
|
|
18/11/2019 -- 07:32:17 - <Info> - Running in live mode, activating unix socket
|
|
18/11/2019 -- 07:32:17 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
18/11/2019 -- 07:32:17 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
18/11/2019 -- 07:32:17 - <Info> - All AFP capture threads are running.
|
|
18/11/2019 -- 07:55:26 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
18/11/2019 -- 07:55:26 - <Info> - CPUs/cores online: 12
|
|
18/11/2019 -- 07:55:26 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
18/11/2019 -- 07:55:26 - <Info> - stats output device (regular) initialized: stats.log
|
|
18/11/2019 -- 07:55:26 - <Info> - Running in live mode, activating unix socket
|
|
18/11/2019 -- 07:55:33 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
18/11/2019 -- 07:55:33 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
18/11/2019 -- 07:55:33 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
18/11/2019 -- 07:55:51 - <Info> - Going to use 12 thread(s)
|
|
18/11/2019 -- 07:55:52 - <Info> - Running in live mode, activating unix socket
|
|
18/11/2019 -- 07:55:52 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
18/11/2019 -- 07:55:52 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
18/11/2019 -- 07:55:52 - <Info> - All AFP capture threads are running.
|
|
18/11/2019 -- 07:56:12 - <Notice> - Signal Received. Stopping engine.
|
|
18/11/2019 -- 07:56:12 - <Info> - time elapsed 20.400s
|
|
18/11/2019 -- 07:56:12 - <Info> - Alerts: 0
|
|
18/11/2019 -- 07:56:13 - <Info> - cleaning up signature grouping structure... complete
|
|
18/11/2019 -- 07:56:13 - <Notice> - Stats for 'eno4': pkts: 11794849, drop: 7417273 (62.89%), invalid chksum: 0
|
|
18/11/2019 -- 07:56:13 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
18/11/2019 -- 07:56:13 - <Info> - CPUs/cores online: 12
|
|
18/11/2019 -- 07:56:13 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
18/11/2019 -- 07:56:13 - <Info> - stats output device (regular) initialized: stats.log
|
|
18/11/2019 -- 07:56:13 - <Info> - Running in live mode, activating unix socket
|
|
18/11/2019 -- 07:56:20 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
18/11/2019 -- 07:56:20 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
18/11/2019 -- 07:56:20 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
18/11/2019 -- 07:56:38 - <Info> - Going to use 12 thread(s)
|
|
18/11/2019 -- 07:56:39 - <Info> - Running in live mode, activating unix socket
|
|
18/11/2019 -- 07:56:39 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
18/11/2019 -- 07:56:39 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
18/11/2019 -- 07:56:39 - <Info> - All AFP capture threads are running.
|
|
18/11/2019 -- 08:57:24 - <Notice> - Signal Received. Stopping engine.
|
|
18/11/2019 -- 08:57:24 - <Info> - time elapsed 3645.749s
|
|
18/11/2019 -- 08:57:28 - <Info> - Alerts: 0
|
|
18/11/2019 -- 08:57:29 - <Info> - cleaning up signature grouping structure... complete
|
|
18/11/2019 -- 08:57:29 - <Notice> - Stats for 'eno4': pkts: 1277687211, drop: 362287087 (28.35%), invalid chksum: 5
|
|
18/11/2019 -- 08:58:24 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
18/11/2019 -- 08:58:24 - <Info> - CPUs/cores online: 12
|
|
18/11/2019 -- 08:58:24 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
18/11/2019 -- 08:58:24 - <Info> - stats output device (regular) initialized: stats.log
|
|
18/11/2019 -- 08:58:24 - <Info> - Running in live mode, activating unix socket
|
|
18/11/2019 -- 08:58:32 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
18/11/2019 -- 08:58:32 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
18/11/2019 -- 08:58:32 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
18/11/2019 -- 08:58:50 - <Info> - Going to use 12 thread(s)
|
|
18/11/2019 -- 08:58:50 - <Info> - Running in live mode, activating unix socket
|
|
18/11/2019 -- 08:58:50 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
18/11/2019 -- 08:58:50 - <Info> - Created socket directory /var/run/suricata/
|
|
18/11/2019 -- 08:58:50 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
18/11/2019 -- 08:58:51 - <Info> - All AFP capture threads are running.
|
|
18/11/2019 -- 14:28:54 - <Notice> - Signal Received. Stopping engine.
|
|
18/11/2019 -- 14:28:54 - <Info> - time elapsed 19803.717s
|
|
18/11/2019 -- 14:29:00 - <Info> - Alerts: 0
|
|
18/11/2019 -- 14:29:02 - <Info> - cleaning up signature grouping structure... complete
|
|
18/11/2019 -- 14:29:02 - <Notice> - Stats for 'eno4': pkts: 6642434880, drop: 1822115283 (27.43%), invalid chksum: 4
|
|
18/11/2019 -- 14:29:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
18/11/2019 -- 14:29:02 - <Info> - CPUs/cores online: 12
|
|
18/11/2019 -- 14:29:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
18/11/2019 -- 14:29:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
18/11/2019 -- 14:29:02 - <Info> - Running in live mode, activating unix socket
|
|
18/11/2019 -- 14:29:10 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
18/11/2019 -- 14:29:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
18/11/2019 -- 14:29:10 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
18/11/2019 -- 14:29:28 - <Info> - Going to use 12 thread(s)
|
|
18/11/2019 -- 14:29:28 - <Info> - Running in live mode, activating unix socket
|
|
18/11/2019 -- 14:29:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
18/11/2019 -- 14:29:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
18/11/2019 -- 14:29:29 - <Info> - All AFP capture threads are running.
|
|
19/11/2019 -- 07:38:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
19/11/2019 -- 07:38:02 - <Info> - CPUs/cores online: 12
|
|
19/11/2019 -- 07:38:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
19/11/2019 -- 07:38:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
19/11/2019 -- 07:38:02 - <Info> - Running in live mode, activating unix socket
|
|
19/11/2019 -- 07:38:10 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
19/11/2019 -- 07:38:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
19/11/2019 -- 07:38:10 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
19/11/2019 -- 07:38:28 - <Info> - Going to use 12 thread(s)
|
|
19/11/2019 -- 07:38:28 - <Info> - Running in live mode, activating unix socket
|
|
19/11/2019 -- 07:38:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
19/11/2019 -- 07:38:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
19/11/2019 -- 07:38:29 - <Info> - All AFP capture threads are running.
|
|
19/11/2019 -- 07:39:38 - <Notice> - Signal Received. Stopping engine.
|
|
19/11/2019 -- 07:39:38 - <Info> - time elapsed 69.685s
|
|
19/11/2019 -- 07:39:39 - <Info> - Alerts: 0
|
|
19/11/2019 -- 07:39:39 - <Info> - cleaning up signature grouping structure... complete
|
|
19/11/2019 -- 07:39:39 - <Notice> - Stats for 'eno4': pkts: 20464682, drop: 3186408 (15.57%), invalid chksum: 0
|
|
19/11/2019 -- 07:39:39 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
19/11/2019 -- 07:39:39 - <Info> - CPUs/cores online: 12
|
|
19/11/2019 -- 07:39:39 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
19/11/2019 -- 07:39:39 - <Info> - stats output device (regular) initialized: stats.log
|
|
19/11/2019 -- 07:39:39 - <Info> - Running in live mode, activating unix socket
|
|
19/11/2019 -- 07:39:46 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
19/11/2019 -- 07:39:46 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
19/11/2019 -- 07:39:47 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
19/11/2019 -- 07:40:05 - <Info> - Going to use 12 thread(s)
|
|
19/11/2019 -- 07:40:05 - <Info> - Running in live mode, activating unix socket
|
|
19/11/2019 -- 07:40:05 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
19/11/2019 -- 07:40:05 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
19/11/2019 -- 07:40:05 - <Info> - All AFP capture threads are running.
|
|
19/11/2019 -- 07:44:13 - <Notice> - Signal Received. Stopping engine.
|
|
19/11/2019 -- 07:44:14 - <Info> - time elapsed 249.206s
|
|
19/11/2019 -- 07:44:15 - <Info> - Alerts: 0
|
|
19/11/2019 -- 07:44:16 - <Info> - cleaning up signature grouping structure... complete
|
|
19/11/2019 -- 07:44:16 - <Notice> - Stats for 'eno4': pkts: 71733724, drop: 23996074 (33.45%), invalid chksum: 0
|
|
19/11/2019 -- 07:44:16 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
19/11/2019 -- 07:44:16 - <Info> - CPUs/cores online: 12
|
|
19/11/2019 -- 07:44:16 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
19/11/2019 -- 07:44:16 - <Info> - stats output device (regular) initialized: stats.log
|
|
19/11/2019 -- 07:44:16 - <Info> - Running in live mode, activating unix socket
|
|
19/11/2019 -- 07:44:23 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
19/11/2019 -- 07:44:23 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
19/11/2019 -- 07:44:23 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
19/11/2019 -- 07:44:41 - <Info> - Going to use 12 thread(s)
|
|
19/11/2019 -- 07:44:41 - <Info> - Running in live mode, activating unix socket
|
|
19/11/2019 -- 07:44:41 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
19/11/2019 -- 07:44:41 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
19/11/2019 -- 07:44:42 - <Info> - All AFP capture threads are running.
|
|
20/11/2019 -- 07:18:22 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
20/11/2019 -- 07:18:22 - <Info> - CPUs/cores online: 12
|
|
20/11/2019 -- 07:18:23 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
20/11/2019 -- 07:18:23 - <Info> - stats output device (regular) initialized: stats.log
|
|
20/11/2019 -- 07:18:23 - <Info> - Running in live mode, activating unix socket
|
|
20/11/2019 -- 07:18:30 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
20/11/2019 -- 07:18:30 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
20/11/2019 -- 07:18:30 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
20/11/2019 -- 07:18:48 - <Info> - Going to use 12 thread(s)
|
|
20/11/2019 -- 07:18:48 - <Info> - Running in live mode, activating unix socket
|
|
20/11/2019 -- 07:18:48 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
20/11/2019 -- 07:18:48 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
20/11/2019 -- 07:18:49 - <Info> - All AFP capture threads are running.
|
|
20/11/2019 -- 16:39:08 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
20/11/2019 -- 16:39:08 - <Info> - CPUs/cores online: 12
|
|
20/11/2019 -- 16:39:09 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
20/11/2019 -- 16:39:09 - <Info> - stats output device (regular) initialized: stats.log
|
|
20/11/2019 -- 16:39:09 - <Info> - Running in live mode, activating unix socket
|
|
20/11/2019 -- 16:39:16 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
20/11/2019 -- 16:39:16 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
20/11/2019 -- 16:39:16 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
20/11/2019 -- 16:39:34 - <Info> - Going to use 12 thread(s)
|
|
20/11/2019 -- 16:39:34 - <Info> - Running in live mode, activating unix socket
|
|
20/11/2019 -- 16:39:34 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
20/11/2019 -- 16:39:34 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
20/11/2019 -- 16:39:35 - <Info> - All AFP capture threads are running.
|
|
21/11/2019 -- 07:51:16 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
21/11/2019 -- 07:51:16 - <Info> - CPUs/cores online: 12
|
|
21/11/2019 -- 07:51:16 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
21/11/2019 -- 07:51:16 - <Info> - stats output device (regular) initialized: stats.log
|
|
21/11/2019 -- 07:51:16 - <Info> - Running in live mode, activating unix socket
|
|
21/11/2019 -- 07:51:24 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
21/11/2019 -- 07:51:24 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
21/11/2019 -- 07:51:24 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
21/11/2019 -- 07:51:42 - <Info> - Going to use 12 thread(s)
|
|
21/11/2019 -- 07:51:43 - <Info> - Running in live mode, activating unix socket
|
|
21/11/2019 -- 07:51:43 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
21/11/2019 -- 07:51:43 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
21/11/2019 -- 07:51:43 - <Info> - All AFP capture threads are running.
|
|
21/11/2019 -- 16:36:30 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
21/11/2019 -- 16:36:30 - <Info> - CPUs/cores online: 12
|
|
21/11/2019 -- 16:36:31 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
21/11/2019 -- 16:36:31 - <Info> - stats output device (regular) initialized: stats.log
|
|
21/11/2019 -- 16:36:31 - <Info> - Running in live mode, activating unix socket
|
|
21/11/2019 -- 16:36:38 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
21/11/2019 -- 16:36:38 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
21/11/2019 -- 16:36:38 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
21/11/2019 -- 16:36:56 - <Info> - Going to use 12 thread(s)
|
|
21/11/2019 -- 16:36:57 - <Info> - Running in live mode, activating unix socket
|
|
21/11/2019 -- 16:36:57 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
21/11/2019 -- 16:36:57 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
21/11/2019 -- 16:36:57 - <Info> - All AFP capture threads are running.
|
|
22/11/2019 -- 07:20:33 - <Notice> - Signal Received. Stopping engine.
|
|
22/11/2019 -- 07:20:33 - <Info> - time elapsed 53017.055s
|
|
22/11/2019 -- 07:20:52 - <Info> - Alerts: 0
|
|
22/11/2019 -- 07:20:57 - <Info> - cleaning up signature grouping structure... complete
|
|
22/11/2019 -- 07:20:57 - <Notice> - Stats for 'eno4': pkts: 17197882647, drop: 5974080344 (34.74%), invalid chksum: 2
|
|
22/11/2019 -- 07:20:59 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
22/11/2019 -- 07:20:59 - <Info> - CPUs/cores online: 12
|
|
22/11/2019 -- 07:21:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
22/11/2019 -- 07:21:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
22/11/2019 -- 07:21:01 - <Info> - Running in live mode, activating unix socket
|
|
22/11/2019 -- 07:21:09 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
22/11/2019 -- 07:21:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
22/11/2019 -- 07:21:09 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
22/11/2019 -- 07:21:27 - <Info> - Going to use 12 thread(s)
|
|
22/11/2019 -- 07:21:27 - <Info> - Running in live mode, activating unix socket
|
|
22/11/2019 -- 07:21:27 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
22/11/2019 -- 07:21:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
22/11/2019 -- 07:21:27 - <Info> - All AFP capture threads are running.
|
|
25/11/2019 -- 07:36:54 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
25/11/2019 -- 07:36:54 - <Info> - CPUs/cores online: 12
|
|
25/11/2019 -- 07:36:54 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
25/11/2019 -- 07:36:54 - <Info> - stats output device (regular) initialized: stats.log
|
|
25/11/2019 -- 07:36:54 - <Info> - Running in live mode, activating unix socket
|
|
25/11/2019 -- 07:37:02 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
25/11/2019 -- 07:37:02 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
25/11/2019 -- 07:37:02 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
25/11/2019 -- 07:37:20 - <Info> - Going to use 12 thread(s)
|
|
25/11/2019 -- 07:37:20 - <Info> - Running in live mode, activating unix socket
|
|
25/11/2019 -- 07:37:20 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
25/11/2019 -- 07:37:20 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
25/11/2019 -- 07:37:21 - <Info> - All AFP capture threads are running.
|
|
25/11/2019 -- 09:02:08 - <Notice> - Signal Received. Stopping engine.
|
|
25/11/2019 -- 09:02:08 - <Info> - time elapsed 5088.291s
|
|
25/11/2019 -- 09:02:12 - <Info> - Alerts: 0
|
|
25/11/2019 -- 09:02:13 - <Info> - cleaning up signature grouping structure... complete
|
|
25/11/2019 -- 09:02:13 - <Notice> - Stats for 'eno4': pkts: 1764361746, drop: 408198909 (23.14%), invalid chksum: 1
|
|
25/11/2019 -- 09:02:13 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
25/11/2019 -- 09:02:13 - <Info> - CPUs/cores online: 12
|
|
25/11/2019 -- 09:02:13 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
25/11/2019 -- 09:02:13 - <Info> - stats output device (regular) initialized: stats.log
|
|
25/11/2019 -- 09:02:13 - <Info> - Running in live mode, activating unix socket
|
|
25/11/2019 -- 09:02:20 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
25/11/2019 -- 09:02:20 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
25/11/2019 -- 09:02:20 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
25/11/2019 -- 09:02:39 - <Info> - Going to use 12 thread(s)
|
|
25/11/2019 -- 09:02:39 - <Info> - Running in live mode, activating unix socket
|
|
25/11/2019 -- 09:02:39 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
25/11/2019 -- 09:02:39 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
25/11/2019 -- 09:02:39 - <Info> - All AFP capture threads are running.
|
|
25/11/2019 -- 16:36:13 - <Notice> - Signal Received. Stopping engine.
|
|
25/11/2019 -- 16:36:13 - <Info> - time elapsed 27214.377s
|
|
25/11/2019 -- 16:36:24 - <Info> - Alerts: 0
|
|
25/11/2019 -- 16:36:27 - <Info> - cleaning up signature grouping structure... complete
|
|
25/11/2019 -- 16:36:27 - <Notice> - Stats for 'eno4': pkts: 9815175100, drop: 3096135601 (31.54%), invalid chksum: 6
|
|
25/11/2019 -- 16:36:28 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
25/11/2019 -- 16:36:28 - <Info> - CPUs/cores online: 12
|
|
25/11/2019 -- 16:36:28 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
25/11/2019 -- 16:36:28 - <Info> - stats output device (regular) initialized: stats.log
|
|
25/11/2019 -- 16:36:28 - <Info> - Running in live mode, activating unix socket
|
|
25/11/2019 -- 16:36:35 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
25/11/2019 -- 16:36:35 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
25/11/2019 -- 16:36:35 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
25/11/2019 -- 16:36:54 - <Info> - Going to use 12 thread(s)
|
|
25/11/2019 -- 16:36:54 - <Info> - Running in live mode, activating unix socket
|
|
25/11/2019 -- 16:36:54 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
25/11/2019 -- 16:36:54 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
25/11/2019 -- 16:36:54 - <Info> - All AFP capture threads are running.
|
|
26/11/2019 -- 07:06:11 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
26/11/2019 -- 07:06:11 - <Info> - CPUs/cores online: 12
|
|
26/11/2019 -- 07:06:11 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - pid file '/var/run/suricata.pid' exists but appears stale. Make sure Suricata is not running and then remove /var/run/suricata.pid. Aborting!
|
|
26/11/2019 -- 07:06:31 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
26/11/2019 -- 07:06:31 - <Info> - CPUs/cores online: 12
|
|
26/11/2019 -- 07:06:31 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - pid file '/var/run/suricata.pid' exists but appears stale. Make sure Suricata is not running and then remove /var/run/suricata.pid. Aborting!
|
|
26/11/2019 -- 07:07:52 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
26/11/2019 -- 07:07:52 - <Info> - CPUs/cores online: 12
|
|
26/11/2019 -- 07:07:52 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
26/11/2019 -- 07:07:52 - <Info> - stats output device (regular) initialized: stats.log
|
|
26/11/2019 -- 07:07:52 - <Info> - Running in live mode, activating unix socket
|
|
26/11/2019 -- 07:07:59 - <Info> - 1 rule files processed. 23606 rules successfully loaded, 0 rules failed
|
|
26/11/2019 -- 07:08:00 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
26/11/2019 -- 07:08:00 - <Info> - 23610 signatures processed. 1048 are IP-only rules, 5090 are inspecting packet payload, 17376 inspect application layer, 0 are decoder event only
|
|
26/11/2019 -- 07:08:18 - <Info> - Going to use 12 thread(s)
|
|
26/11/2019 -- 07:08:18 - <Info> - Running in live mode, activating unix socket
|
|
26/11/2019 -- 07:08:18 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
26/11/2019 -- 07:08:18 - <Info> - Created socket directory /var/run/suricata/
|
|
26/11/2019 -- 07:08:18 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
26/11/2019 -- 07:08:19 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 07:10:22 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 07:10:22 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 07:10:22 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - pid file '/var/run/suricata.pid' exists but appears stale. Make sure Suricata is not running and then remove /var/run/suricata.pid. Aborting!
|
|
27/11/2019 -- 07:12:43 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 07:12:43 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 07:12:43 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - pid file '/var/run/suricata.pid' exists but appears stale. Make sure Suricata is not running and then remove /var/run/suricata.pid. Aborting!
|
|
27/11/2019 -- 07:18:27 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 07:18:27 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 07:18:27 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 07:18:27 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 07:18:27 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 07:18:35 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 07:18:35 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 07:18:35 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 07:18:53 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 07:18:54 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 07:18:54 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 07:18:54 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 07:18:54 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 07:44:25 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 07:44:25 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 07:44:25 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - pid file '/var/run/suricata.pid' exists but appears stale. Make sure Suricata is not running and then remove /var/run/suricata.pid. Aborting!
|
|
27/11/2019 -- 07:45:13 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 07:45:13 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 07:45:13 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 07:45:13 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 07:45:13 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 07:45:21 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 07:45:21 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 07:45:21 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 07:45:39 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 07:45:40 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 07:45:40 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 07:45:40 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 07:45:40 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 14:40:41 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 14:40:41 - <Info> - time elapsed 24901.586s
|
|
27/11/2019 -- 14:40:48 - <Info> - Alerts: 0
|
|
27/11/2019 -- 14:40:51 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 14:40:51 - <Notice> - Stats for 'eno4': pkts: 8827182919, drop: 2922449700 (33.11%), invalid chksum: 0
|
|
27/11/2019 -- 15:02:26 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:02:26 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:02:26 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 15:02:26 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 15:02:26 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:02:34 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 15:02:34 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 15:02:34 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 15:02:53 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 15:02:53 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:02:53 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 15:02:53 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 15:02:53 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 15:03:25 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:03:25 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:03:25 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - pid file '/var/run/suricata.pid' exists and Suricata appears to be running. Aborting!
|
|
27/11/2019 -- 15:03:35 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:03:35 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:03:35 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - pid file '/var/run/suricata.pid' exists and Suricata appears to be running. Aborting!
|
|
27/11/2019 -- 15:03:45 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:03:45 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:03:45 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - pid file '/var/run/suricata.pid' exists and Suricata appears to be running. Aborting!
|
|
27/11/2019 -- 15:03:56 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:03:56 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:03:56 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - pid file '/var/run/suricata.pid' exists and Suricata appears to be running. Aborting!
|
|
27/11/2019 -- 15:05:47 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:05:47 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:05:47 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - pid file '/var/run/suricata.pid' exists and Suricata appears to be running. Aborting!
|
|
27/11/2019 -- 15:05:47 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 15:05:48 - <Info> - time elapsed 175.029s
|
|
27/11/2019 -- 15:05:48 - <Info> - Alerts: 0
|
|
27/11/2019 -- 15:05:49 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 15:05:49 - <Notice> - Stats for 'eno4': pkts: 63744572, drop: 17386484 (27.28%), invalid chksum: 0
|
|
27/11/2019 -- 15:20:58 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:20:58 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:20:58 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 15:20:58 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 15:20:58 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:21:05 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 15:21:05 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 15:21:05 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 15:21:24 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 15:21:24 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:21:24 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 15:21:24 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 15:21:24 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 15:21:34 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 15:21:34 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:21:34 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:21:34 - <Info> - time elapsed 10.047s
|
|
27/11/2019 -- 15:21:34 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 15:21:34 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 15:21:34 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:21:34 - <Info> - Alerts: 0
|
|
27/11/2019 -- 15:21:35 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 15:21:35 - <Notice> - Stats for 'eno4': pkts: 3256086, drop: 559714 (17.19%), invalid chksum: 0
|
|
27/11/2019 -- 15:21:41 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 15:21:41 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 15:21:41 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 15:22:00 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 15:22:00 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:22:00 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 15:22:00 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 15:22:01 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 15:26:06 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:26:06 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:26:06 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 15:26:06 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 15:26:06 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:26:17 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 15:26:17 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 15:26:17 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 15:26:47 - <Error> - [ERRCODE: SC_ERR_INVALID_VALUE(130)] - fanout not supported by kernel: Kernel too old or cluster-id 1 already in use.
|
|
27/11/2019 -- 15:26:47 - <Info> - Going to use 1 thread(s)
|
|
27/11/2019 -- 15:26:47 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:26:47 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 15:26:47 - <Notice> - all 1 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 15:26:47 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 15:30:45 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:30:45 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:30:45 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 15:30:45 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 15:30:45 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:30:52 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 15:30:52 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 15:30:52 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 15:31:11 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 15:31:11 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:31:11 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 15:31:11 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 15:31:11 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 15:31:11 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 15:31:11 - <Info> - time elapsed 0.204s
|
|
27/11/2019 -- 15:31:11 - <Info> - Alerts: 0
|
|
27/11/2019 -- 15:31:12 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 15:31:12 - <Notice> - Stats for 'eno4': pkts: 167839, drop: 165447 (98.57%), invalid chksum: 0
|
|
27/11/2019 -- 15:36:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:36:01 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:36:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 15:36:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 15:36:01 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:36:08 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 15:36:08 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 15:36:08 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 15:36:27 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 15:36:27 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:36:27 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 15:36:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 15:36:27 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 15:36:27 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 15:36:27 - <Info> - time elapsed 0.195s
|
|
27/11/2019 -- 15:36:27 - <Info> - Alerts: 0
|
|
27/11/2019 -- 15:36:28 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 15:36:28 - <Notice> - Stats for 'eno4': pkts: 141144, drop: 138355 (98.02%), invalid chksum: 0
|
|
27/11/2019 -- 15:40:34 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:40:34 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:40:34 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 15:40:34 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 15:40:34 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:40:41 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 15:40:41 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 15:40:41 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 15:41:00 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 15:41:00 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:41:00 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 15:41:00 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 15:41:00 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 15:43:12 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 15:43:12 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:43:12 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:43:12 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 15:43:12 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 15:43:12 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:43:13 - <Info> - time elapsed 132.703s
|
|
27/11/2019 -- 15:43:13 - <Info> - Alerts: 0
|
|
27/11/2019 -- 15:43:14 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 15:43:14 - <Notice> - Stats for 'eno4': pkts: 44980767, drop: 10769744 (23.94%), invalid chksum: 0
|
|
27/11/2019 -- 15:43:20 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 15:43:20 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 15:43:20 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 15:43:39 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 15:43:39 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:43:39 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 15:43:39 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 15:43:39 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 15:43:51 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 15:43:51 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:43:51 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:43:51 - <Info> - time elapsed 12.824s
|
|
27/11/2019 -- 15:43:51 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 15:43:51 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 15:43:51 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:43:52 - <Info> - Alerts: 0
|
|
27/11/2019 -- 15:43:52 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 15:43:52 - <Notice> - Stats for 'eno4': pkts: 3952224, drop: 393757 (9.96%), invalid chksum: 0
|
|
27/11/2019 -- 15:43:59 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 15:43:59 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 15:43:59 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 15:44:18 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 15:44:18 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:44:18 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 15:44:18 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 15:44:18 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 15:44:28 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 15:44:28 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:44:28 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:44:28 - <Info> - time elapsed 10.437s
|
|
27/11/2019 -- 15:44:28 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 15:44:28 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 15:44:28 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:44:29 - <Info> - Alerts: 0
|
|
27/11/2019 -- 15:44:29 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 15:44:29 - <Notice> - Stats for 'eno4': pkts: 2643994, drop: 256368 (9.70%), invalid chksum: 0
|
|
27/11/2019 -- 15:44:36 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 15:44:36 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 15:44:36 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 15:44:54 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 15:44:55 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:44:55 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 15:44:55 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 15:44:55 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 15:50:02 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 15:50:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 15:50:02 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 15:50:03 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 15:50:03 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 15:50:03 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:50:03 - <Info> - time elapsed 308.959s
|
|
27/11/2019 -- 15:50:04 - <Info> - Alerts: 0
|
|
27/11/2019 -- 15:50:05 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 15:50:05 - <Notice> - Stats for 'eno4': pkts: 107598424, drop: 34579943 (32.14%), invalid chksum: 0
|
|
27/11/2019 -- 15:50:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 15:50:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 15:50:11 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 15:50:29 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 15:50:29 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 15:50:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 15:50:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 15:50:30 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 16:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 16:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 16:00:01 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 16:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 16:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 16:00:02 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 16:00:02 - <Info> - time elapsed 573.070s
|
|
27/11/2019 -- 16:00:04 - <Info> - Alerts: 0
|
|
27/11/2019 -- 16:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 16:00:04 - <Notice> - Stats for 'eno4': pkts: 194872941, drop: 48594180 (24.94%), invalid chksum: 0
|
|
27/11/2019 -- 16:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 16:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 16:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 16:00:28 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 16:00:28 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 16:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 16:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 16:00:29 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 16:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 16:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 16:30:01 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 16:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 16:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 16:30:01 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 16:30:02 - <Info> - time elapsed 1773.681s
|
|
27/11/2019 -- 16:30:04 - <Info> - Alerts: 0
|
|
27/11/2019 -- 16:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 16:30:04 - <Notice> - Stats for 'eno4': pkts: 622700622, drop: 172372622 (27.68%), invalid chksum: 0
|
|
27/11/2019 -- 16:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 16:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 16:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 16:30:28 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 16:30:28 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 16:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 16:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 16:30:29 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 17:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 17:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 17:00:01 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 17:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 17:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 17:00:01 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 17:00:02 - <Info> - time elapsed 1773.632s
|
|
27/11/2019 -- 17:00:04 - <Info> - Alerts: 0
|
|
27/11/2019 -- 17:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 17:00:04 - <Notice> - Stats for 'eno4': pkts: 596316231, drop: 145001660 (24.32%), invalid chksum: 0
|
|
27/11/2019 -- 17:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 17:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 17:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 17:00:28 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 17:00:28 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 17:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 17:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 17:00:29 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 17:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 17:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 17:30:01 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 17:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 17:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 17:30:02 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 17:30:03 - <Info> - time elapsed 1774.401s
|
|
27/11/2019 -- 17:30:05 - <Info> - Alerts: 0
|
|
27/11/2019 -- 17:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 17:30:05 - <Notice> - Stats for 'eno4': pkts: 582825919, drop: 147329982 (25.28%), invalid chksum: 0
|
|
27/11/2019 -- 17:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 17:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 17:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 17:30:29 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 17:30:29 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 17:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 17:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 17:30:29 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 18:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 18:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 18:00:01 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 18:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 18:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 18:00:01 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 18:00:01 - <Info> - time elapsed 1772.834s
|
|
27/11/2019 -- 18:00:04 - <Info> - Alerts: 0
|
|
27/11/2019 -- 18:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 18:00:04 - <Notice> - Stats for 'eno4': pkts: 604292147, drop: 168491434 (27.88%), invalid chksum: 0
|
|
27/11/2019 -- 18:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 18:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 18:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 18:00:28 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 18:00:28 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 18:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 18:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 18:00:28 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 18:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 18:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 18:30:01 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 18:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 18:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 18:30:01 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 18:30:02 - <Info> - time elapsed 1773.776s
|
|
27/11/2019 -- 18:30:04 - <Info> - Alerts: 0
|
|
27/11/2019 -- 18:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 18:30:04 - <Notice> - Stats for 'eno4': pkts: 594368734, drop: 140006625 (23.56%), invalid chksum: 0
|
|
27/11/2019 -- 18:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 18:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 18:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 18:30:28 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 18:30:28 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 18:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 18:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 18:30:29 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 19:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 19:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 19:00:02 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 19:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 19:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 19:00:02 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 19:00:02 - <Info> - time elapsed 1774.323s
|
|
27/11/2019 -- 19:00:05 - <Info> - Alerts: 0
|
|
27/11/2019 -- 19:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 19:00:05 - <Notice> - Stats for 'eno4': pkts: 571133809, drop: 145075729 (25.40%), invalid chksum: 0
|
|
27/11/2019 -- 19:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 19:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 19:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 19:00:29 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 19:00:29 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 19:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 19:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 19:00:29 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 19:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 19:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 19:30:01 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 19:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 19:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 19:30:01 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 19:30:01 - <Info> - time elapsed 1772.771s
|
|
27/11/2019 -- 19:30:04 - <Info> - Alerts: 0
|
|
27/11/2019 -- 19:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 19:30:04 - <Notice> - Stats for 'eno4': pkts: 558051212, drop: 146881047 (26.32%), invalid chksum: 0
|
|
27/11/2019 -- 19:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 19:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 19:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 19:30:28 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 19:30:28 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 19:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 19:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 19:30:29 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 20:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 20:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 20:00:01 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 20:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 20:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 20:00:01 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 20:00:02 - <Info> - time elapsed 1773.906s
|
|
27/11/2019 -- 20:00:04 - <Info> - Alerts: 0
|
|
27/11/2019 -- 20:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 20:00:04 - <Notice> - Stats for 'eno4': pkts: 555334505, drop: 169759108 (30.57%), invalid chksum: 0
|
|
27/11/2019 -- 20:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 20:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 20:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 20:00:28 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 20:00:28 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 20:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 20:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 20:00:28 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 20:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 20:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 20:30:02 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 20:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 20:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 20:30:02 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 20:30:02 - <Info> - time elapsed 1774.326s
|
|
27/11/2019 -- 20:30:04 - <Info> - Alerts: 0
|
|
27/11/2019 -- 20:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 20:30:04 - <Notice> - Stats for 'eno4': pkts: 585556967, drop: 150411455 (25.69%), invalid chksum: 0
|
|
27/11/2019 -- 20:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 20:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 20:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 20:30:28 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 20:30:28 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 20:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 20:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 20:30:29 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 21:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 21:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 21:00:01 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 21:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 21:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 21:00:01 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 21:00:02 - <Info> - time elapsed 1773.464s
|
|
27/11/2019 -- 21:00:04 - <Info> - Alerts: 0
|
|
27/11/2019 -- 21:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 21:00:04 - <Notice> - Stats for 'eno4': pkts: 561964633, drop: 151299161 (26.92%), invalid chksum: 0
|
|
27/11/2019 -- 21:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 21:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 21:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 21:00:28 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 21:00:28 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 21:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 21:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 21:00:28 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 21:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 21:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 21:30:01 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 21:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 21:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 21:30:02 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 21:30:02 - <Info> - time elapsed 1774.159s
|
|
27/11/2019 -- 21:30:04 - <Info> - Alerts: 0
|
|
27/11/2019 -- 21:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 21:30:04 - <Notice> - Stats for 'eno4': pkts: 566947434, drop: 143339221 (25.28%), invalid chksum: 0
|
|
27/11/2019 -- 21:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 21:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 21:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 21:30:29 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 21:30:29 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 21:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 21:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 21:30:29 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 22:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 22:00:01 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 22:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 22:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 22:00:01 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 22:00:01 - <Info> - time elapsed 1772.830s
|
|
27/11/2019 -- 22:00:03 - <Info> - Alerts: 0
|
|
27/11/2019 -- 22:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 22:00:04 - <Notice> - Stats for 'eno4': pkts: 565964310, drop: 150550379 (26.60%), invalid chksum: 0
|
|
27/11/2019 -- 22:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 22:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 22:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 22:00:28 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 22:00:28 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 22:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 22:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 22:00:29 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 22:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 22:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 22:30:01 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 22:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 22:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 22:30:01 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 22:30:02 - <Info> - time elapsed 1773.529s
|
|
27/11/2019 -- 22:30:04 - <Info> - Alerts: 0
|
|
27/11/2019 -- 22:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 22:30:04 - <Notice> - Stats for 'eno4': pkts: 550454373, drop: 144048672 (26.17%), invalid chksum: 0
|
|
27/11/2019 -- 22:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 22:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 22:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 22:30:28 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 22:30:28 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 22:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 22:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 22:30:29 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 23:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 23:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 23:00:02 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 23:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 23:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 23:00:02 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 23:00:02 - <Info> - time elapsed 1774.280s
|
|
27/11/2019 -- 23:00:04 - <Info> - Alerts: 0
|
|
27/11/2019 -- 23:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 23:00:05 - <Notice> - Stats for 'eno4': pkts: 557294142, drop: 148485538 (26.64%), invalid chksum: 0
|
|
27/11/2019 -- 23:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 23:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 23:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 23:00:29 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 23:00:29 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 23:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 23:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 23:00:29 - <Info> - All AFP capture threads are running.
|
|
27/11/2019 -- 23:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
27/11/2019 -- 23:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
27/11/2019 -- 23:30:01 - <Info> - CPUs/cores online: 12
|
|
27/11/2019 -- 23:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
27/11/2019 -- 23:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
27/11/2019 -- 23:30:01 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 23:30:01 - <Info> - time elapsed 1772.910s
|
|
27/11/2019 -- 23:30:04 - <Info> - Alerts: 0
|
|
27/11/2019 -- 23:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
27/11/2019 -- 23:30:04 - <Notice> - Stats for 'eno4': pkts: 627519267, drop: 167461578 (26.69%), invalid chksum: 0
|
|
27/11/2019 -- 23:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
27/11/2019 -- 23:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
27/11/2019 -- 23:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
27/11/2019 -- 23:30:28 - <Info> - Going to use 12 thread(s)
|
|
27/11/2019 -- 23:30:28 - <Info> - Running in live mode, activating unix socket
|
|
27/11/2019 -- 23:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
27/11/2019 -- 23:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
27/11/2019 -- 23:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 00:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 00:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 00:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 00:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 00:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 00:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 00:00:02 - <Info> - time elapsed 1773.882s
|
|
28/11/2019 -- 00:00:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 00:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 00:00:05 - <Notice> - Stats for 'eno4': pkts: 561954624, drop: 163472663 (29.09%), invalid chksum: 0
|
|
28/11/2019 -- 00:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 00:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 00:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 00:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 00:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 00:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 00:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 00:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 00:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 00:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 00:30:02 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 00:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 00:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 00:30:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 00:30:03 - <Info> - time elapsed 1774.586s
|
|
28/11/2019 -- 00:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 00:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 00:30:05 - <Notice> - Stats for 'eno4': pkts: 524656391, drop: 191657615 (36.53%), invalid chksum: 0
|
|
28/11/2019 -- 00:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 00:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 00:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 00:30:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 00:30:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 00:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 00:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 00:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 01:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 01:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 01:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 01:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 01:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 01:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 01:00:02 - <Info> - time elapsed 1772.789s
|
|
28/11/2019 -- 01:00:03 - <Info> - Alerts: 0
|
|
28/11/2019 -- 01:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 01:00:04 - <Notice> - Stats for 'eno4': pkts: 509186787, drop: 161569330 (31.73%), invalid chksum: 0
|
|
28/11/2019 -- 01:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 01:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 01:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 01:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 01:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 01:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 01:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 01:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 01:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 01:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 01:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 01:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 01:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 01:30:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 01:30:02 - <Info> - time elapsed 1774.029s
|
|
28/11/2019 -- 01:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 01:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 01:30:04 - <Notice> - Stats for 'eno4': pkts: 691239120, drop: 215031436 (31.11%), invalid chksum: 0
|
|
28/11/2019 -- 01:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 01:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 01:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 01:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 01:30:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 01:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 01:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 01:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 02:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 02:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 02:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 02:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 02:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 02:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 02:00:01 - <Info> - time elapsed 1772.884s
|
|
28/11/2019 -- 02:00:03 - <Info> - Alerts: 0
|
|
28/11/2019 -- 02:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 02:00:04 - <Notice> - Stats for 'eno4': pkts: 559034482, drop: 154346930 (27.61%), invalid chksum: 0
|
|
28/11/2019 -- 02:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 02:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 02:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 02:00:27 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 02:00:27 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 02:00:27 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 02:00:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 02:00:28 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 02:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 02:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 02:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 02:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 02:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 02:30:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 02:30:02 - <Info> - time elapsed 1774.423s
|
|
28/11/2019 -- 02:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 02:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 02:30:04 - <Notice> - Stats for 'eno4': pkts: 574264939, drop: 151676756 (26.41%), invalid chksum: 0
|
|
28/11/2019 -- 02:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 02:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 02:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 02:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 02:30:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 02:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 02:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 02:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 03:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 03:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 03:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 03:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 03:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 03:00:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 03:00:02 - <Info> - time elapsed 1773.866s
|
|
28/11/2019 -- 03:00:05 - <Info> - Alerts: 0
|
|
28/11/2019 -- 03:00:06 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 03:00:06 - <Notice> - Stats for 'eno4': pkts: 598381403, drop: 152519093 (25.49%), invalid chksum: 0
|
|
28/11/2019 -- 03:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 03:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 03:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 03:00:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 03:00:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 03:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 03:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 03:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 03:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 03:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 03:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 03:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 03:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 03:30:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 03:30:01 - <Info> - time elapsed 1772.687s
|
|
28/11/2019 -- 03:30:03 - <Info> - Alerts: 0
|
|
28/11/2019 -- 03:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 03:30:04 - <Notice> - Stats for 'eno4': pkts: 719507666, drop: 233150688 (32.40%), invalid chksum: 0
|
|
28/11/2019 -- 03:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 03:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 03:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 03:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 03:30:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 03:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 03:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 03:30:28 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 04:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 04:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 04:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 04:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 04:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 04:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 04:00:02 - <Info> - time elapsed 1773.968s
|
|
28/11/2019 -- 04:00:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 04:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 04:00:04 - <Notice> - Stats for 'eno4': pkts: 714023785, drop: 224611236 (31.46%), invalid chksum: 0
|
|
28/11/2019 -- 04:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 04:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 04:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 04:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 04:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 04:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 04:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 04:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 04:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 04:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 04:30:02 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 04:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 04:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 04:30:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 04:30:02 - <Info> - time elapsed 1774.343s
|
|
28/11/2019 -- 04:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 04:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 04:30:05 - <Notice> - Stats for 'eno4': pkts: 583969963, drop: 150857807 (25.83%), invalid chksum: 0
|
|
28/11/2019 -- 04:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 04:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 04:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 04:30:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 04:30:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 04:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 04:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 04:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 05:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 05:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 05:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 05:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 05:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 05:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 05:00:02 - <Info> - time elapsed 1773.041s
|
|
28/11/2019 -- 05:00:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 05:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 05:00:04 - <Notice> - Stats for 'eno4': pkts: 544912933, drop: 133719898 (24.54%), invalid chksum: 0
|
|
28/11/2019 -- 05:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 05:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 05:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 05:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 05:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 05:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 05:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 05:00:28 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 05:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 05:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 05:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 05:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 05:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 05:30:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 05:30:03 - <Info> - time elapsed 1774.951s
|
|
28/11/2019 -- 05:30:05 - <Info> - Alerts: 0
|
|
28/11/2019 -- 05:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 05:30:05 - <Notice> - Stats for 'eno4': pkts: 578857421, drop: 152953942 (26.42%), invalid chksum: 0
|
|
28/11/2019 -- 05:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 05:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 05:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 05:30:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 05:30:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 05:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 05:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 05:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 06:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 06:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 06:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 06:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 06:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 06:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 06:00:01 - <Info> - time elapsed 1772.591s
|
|
28/11/2019 -- 06:00:03 - <Info> - Alerts: 0
|
|
28/11/2019 -- 06:00:03 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 06:00:03 - <Notice> - Stats for 'eno4': pkts: 555952561, drop: 154460398 (27.78%), invalid chksum: 0
|
|
28/11/2019 -- 06:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 06:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 06:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 06:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 06:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 06:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 06:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 06:00:28 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 06:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 06:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 06:30:02 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 06:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 06:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 06:30:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 06:30:02 - <Info> - time elapsed 1774.408s
|
|
28/11/2019 -- 06:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 06:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 06:30:04 - <Notice> - Stats for 'eno4': pkts: 559135783, drop: 155145860 (27.75%), invalid chksum: 0
|
|
28/11/2019 -- 06:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 06:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 06:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 06:30:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 06:30:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 06:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 06:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 06:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 07:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 07:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 07:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 07:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 07:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 07:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 07:00:02 - <Info> - time elapsed 1772.858s
|
|
28/11/2019 -- 07:00:03 - <Info> - Alerts: 0
|
|
28/11/2019 -- 07:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 07:00:04 - <Notice> - Stats for 'eno4': pkts: 566328987, drop: 156715182 (27.67%), invalid chksum: 0
|
|
28/11/2019 -- 07:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 07:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 07:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 07:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 07:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 07:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 07:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 07:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 07:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 07:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 07:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 07:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 07:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 07:30:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 07:30:02 - <Info> - time elapsed 1773.576s
|
|
28/11/2019 -- 07:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 07:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 07:30:04 - <Notice> - Stats for 'eno4': pkts: 569337678, drop: 147449908 (25.90%), invalid chksum: 1
|
|
28/11/2019 -- 07:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 07:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 07:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 07:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 07:30:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 07:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 07:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 07:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 08:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 08:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 08:00:02 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 08:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 08:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 08:00:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 08:00:02 - <Info> - time elapsed 1774.060s
|
|
28/11/2019 -- 08:00:05 - <Info> - Alerts: 0
|
|
28/11/2019 -- 08:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 08:00:05 - <Notice> - Stats for 'eno4': pkts: 566329437, drop: 140190393 (24.75%), invalid chksum: 0
|
|
28/11/2019 -- 08:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 08:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 08:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 08:00:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 08:00:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 08:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 08:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 08:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 08:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 08:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 08:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 08:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 08:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 08:30:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 08:30:02 - <Info> - time elapsed 1773.031s
|
|
28/11/2019 -- 08:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 08:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 08:30:04 - <Notice> - Stats for 'eno4': pkts: 565785776, drop: 138534834 (24.49%), invalid chksum: 0
|
|
28/11/2019 -- 08:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 08:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 08:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 08:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 08:30:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 08:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 08:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 08:30:28 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 09:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 09:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 09:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 09:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 09:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 09:00:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 09:00:02 - <Info> - time elapsed 1774.152s
|
|
28/11/2019 -- 09:00:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 09:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 09:00:04 - <Notice> - Stats for 'eno4': pkts: 582778686, drop: 202066187 (34.67%), invalid chksum: 0
|
|
28/11/2019 -- 09:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 09:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 09:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 09:00:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 09:00:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 09:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 09:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 09:00:30 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 09:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 09:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 09:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 09:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 09:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 09:30:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 09:30:01 - <Info> - time elapsed 1772.400s
|
|
28/11/2019 -- 09:30:03 - <Info> - Alerts: 0
|
|
28/11/2019 -- 09:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 09:30:04 - <Notice> - Stats for 'eno4': pkts: 573419735, drop: 148676657 (25.93%), invalid chksum: 0
|
|
28/11/2019 -- 09:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 09:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 09:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 09:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 09:30:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 09:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 09:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 09:30:28 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 10:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 10:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 10:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 10:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 10:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 10:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 10:00:02 - <Info> - time elapsed 1774.300s
|
|
28/11/2019 -- 10:00:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 10:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 10:00:04 - <Notice> - Stats for 'eno4': pkts: 583440094, drop: 148908223 (25.52%), invalid chksum: 0
|
|
28/11/2019 -- 10:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 10:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 10:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 10:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 10:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 10:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 10:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 10:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 10:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 10:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 10:30:02 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 10:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 10:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 10:30:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 10:30:02 - <Info> - time elapsed 1773.781s
|
|
28/11/2019 -- 10:30:05 - <Info> - Alerts: 0
|
|
28/11/2019 -- 10:30:06 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 10:30:06 - <Notice> - Stats for 'eno4': pkts: 578661536, drop: 152534225 (26.36%), invalid chksum: 0
|
|
28/11/2019 -- 10:30:11 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 10:30:11 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 10:30:11 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 10:30:30 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 10:30:30 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 10:30:30 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 10:30:30 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 10:30:30 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 11:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 11:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 11:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 11:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 11:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 11:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 11:00:02 - <Info> - time elapsed 1771.651s
|
|
28/11/2019 -- 11:00:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 11:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 11:00:04 - <Notice> - Stats for 'eno4': pkts: 560961294, drop: 137147337 (24.45%), invalid chksum: 0
|
|
28/11/2019 -- 11:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 11:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 11:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 11:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 11:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 11:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 11:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 11:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 11:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 11:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 11:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 11:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 11:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 11:30:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 11:30:02 - <Info> - time elapsed 1774.045s
|
|
28/11/2019 -- 11:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 11:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 11:30:05 - <Notice> - Stats for 'eno4': pkts: 544325138, drop: 150655555 (27.68%), invalid chksum: 0
|
|
28/11/2019 -- 11:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 11:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 11:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 11:30:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 11:30:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 11:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 11:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 11:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 12:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 12:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 12:00:02 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 12:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 12:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 12:00:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 12:00:02 - <Info> - time elapsed 1773.901s
|
|
28/11/2019 -- 12:00:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 12:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 12:00:05 - <Notice> - Stats for 'eno4': pkts: 571194510, drop: 136546980 (23.91%), invalid chksum: 0
|
|
28/11/2019 -- 12:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 12:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 12:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 12:00:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 12:00:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 12:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 12:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 12:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 12:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 12:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 12:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 12:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 12:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 12:30:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 12:30:02 - <Info> - time elapsed 1772.620s
|
|
28/11/2019 -- 12:30:03 - <Info> - Alerts: 0
|
|
28/11/2019 -- 12:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 12:30:04 - <Notice> - Stats for 'eno4': pkts: 593599048, drop: 155539589 (26.20%), invalid chksum: 0
|
|
28/11/2019 -- 12:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 12:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 12:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 12:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 12:30:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 12:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 12:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 12:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 13:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 13:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 13:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 13:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 13:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 13:00:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 13:00:02 - <Info> - time elapsed 1774.092s
|
|
28/11/2019 -- 13:00:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 13:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 13:00:05 - <Notice> - Stats for 'eno4': pkts: 581538510, drop: 149312939 (25.68%), invalid chksum: 0
|
|
28/11/2019 -- 13:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 13:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 13:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 13:00:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 13:00:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 13:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 13:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 13:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 13:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 13:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 13:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 13:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 13:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 13:30:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 13:30:01 - <Info> - time elapsed 1772.841s
|
|
28/11/2019 -- 13:30:03 - <Info> - Alerts: 0
|
|
28/11/2019 -- 13:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 13:30:04 - <Notice> - Stats for 'eno4': pkts: 559187041, drop: 145019604 (25.93%), invalid chksum: 0
|
|
28/11/2019 -- 13:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 13:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 13:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 13:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 13:30:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 13:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 13:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 13:30:28 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 14:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 14:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 14:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 14:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 14:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 14:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 14:00:02 - <Info> - time elapsed 1773.950s
|
|
28/11/2019 -- 14:00:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 14:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 14:00:04 - <Notice> - Stats for 'eno4': pkts: 585082536, drop: 158155498 (27.03%), invalid chksum: 0
|
|
28/11/2019 -- 14:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 14:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 14:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 14:00:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 14:00:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 14:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 14:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 14:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 14:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 14:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 14:30:02 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 14:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 14:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 14:30:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 14:30:02 - <Info> - time elapsed 1773.731s
|
|
28/11/2019 -- 14:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 14:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 14:30:05 - <Notice> - Stats for 'eno4': pkts: 517644042, drop: 127265012 (24.59%), invalid chksum: 0
|
|
28/11/2019 -- 14:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 14:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 14:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 14:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 14:30:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 14:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 14:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 14:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 15:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 15:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 15:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 15:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 15:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 15:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 15:00:02 - <Info> - time elapsed 1773.225s
|
|
28/11/2019 -- 15:00:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 15:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 15:00:04 - <Notice> - Stats for 'eno4': pkts: 593662515, drop: 153463186 (25.85%), invalid chksum: 0
|
|
28/11/2019 -- 15:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 15:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 15:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 15:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 15:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 15:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 15:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 15:00:28 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 15:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 15:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 15:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 15:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 15:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 15:30:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 15:30:02 - <Info> - time elapsed 1774.304s
|
|
28/11/2019 -- 15:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 15:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 15:30:05 - <Notice> - Stats for 'eno4': pkts: 554784637, drop: 143728207 (25.91%), invalid chksum: 0
|
|
28/11/2019 -- 15:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 15:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 15:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 15:30:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 15:30:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 15:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 15:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 15:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 16:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 16:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 16:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 16:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 16:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 16:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 16:00:01 - <Info> - time elapsed 1772.804s
|
|
28/11/2019 -- 16:00:03 - <Info> - Alerts: 0
|
|
28/11/2019 -- 16:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 16:00:04 - <Notice> - Stats for 'eno4': pkts: 578456090, drop: 191373341 (33.08%), invalid chksum: 0
|
|
28/11/2019 -- 16:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 16:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 16:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 16:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 16:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 16:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 16:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 16:00:28 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 16:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 16:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 16:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 16:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 16:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 16:30:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 16:30:02 - <Info> - time elapsed 1774.137s
|
|
28/11/2019 -- 16:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 16:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 16:30:05 - <Notice> - Stats for 'eno4': pkts: 561273288, drop: 136860646 (24.38%), invalid chksum: 0
|
|
28/11/2019 -- 16:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 16:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 16:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 16:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 16:30:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 16:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 16:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 16:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 17:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 17:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 17:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 17:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 17:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 17:00:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 17:00:02 - <Info> - time elapsed 1773.781s
|
|
28/11/2019 -- 17:00:05 - <Info> - Alerts: 0
|
|
28/11/2019 -- 17:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 17:00:05 - <Notice> - Stats for 'eno4': pkts: 576679181, drop: 155048535 (26.89%), invalid chksum: 0
|
|
28/11/2019 -- 17:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 17:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 17:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 17:00:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 17:00:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 17:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 17:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 17:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 17:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 17:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 17:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 17:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 17:30:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 17:30:08 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 17:30:08 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 17:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 17:30:27 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 17:30:27 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 17:30:27 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 17:30:27 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 17:30:28 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 18:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 18:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 18:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 18:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 18:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 18:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 18:00:02 - <Info> - time elapsed 1774.752s
|
|
28/11/2019 -- 18:00:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 18:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 18:00:04 - <Notice> - Stats for 'eno4': pkts: 552839721, drop: 141073048 (25.52%), invalid chksum: 0
|
|
28/11/2019 -- 18:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 18:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 18:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 18:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 18:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 18:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 18:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 18:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 18:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 18:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 18:30:02 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 18:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 18:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 18:30:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 18:30:02 - <Info> - time elapsed 1774.303s
|
|
28/11/2019 -- 18:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 18:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 18:30:05 - <Notice> - Stats for 'eno4': pkts: 547869338, drop: 134800320 (24.60%), invalid chksum: 0
|
|
28/11/2019 -- 18:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 18:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 18:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 18:30:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 18:30:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 18:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 18:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 18:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 19:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 19:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 19:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 19:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 19:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 19:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 19:00:01 - <Info> - time elapsed 1772.937s
|
|
28/11/2019 -- 19:00:03 - <Info> - Alerts: 0
|
|
28/11/2019 -- 19:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 19:00:04 - <Notice> - Stats for 'eno4': pkts: 818106212, drop: 293920956 (35.93%), invalid chksum: 0
|
|
28/11/2019 -- 19:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 19:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 19:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 19:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 19:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 19:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 19:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 19:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 19:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 19:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 19:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 19:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 19:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 19:30:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 19:30:02 - <Info> - time elapsed 1774.146s
|
|
28/11/2019 -- 19:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 19:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 19:30:05 - <Notice> - Stats for 'eno4': pkts: 563523649, drop: 185248245 (32.87%), invalid chksum: 0
|
|
28/11/2019 -- 19:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 19:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 19:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 19:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 19:30:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 19:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 19:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 19:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 20:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 20:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 20:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 20:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 20:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 20:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 20:00:01 - <Info> - time elapsed 1773.065s
|
|
28/11/2019 -- 20:00:03 - <Info> - Alerts: 0
|
|
28/11/2019 -- 20:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 20:00:04 - <Notice> - Stats for 'eno4': pkts: 531097272, drop: 183143219 (34.48%), invalid chksum: 0
|
|
28/11/2019 -- 20:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 20:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 20:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 20:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 20:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 20:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 20:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 20:00:28 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 20:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 20:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 20:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 20:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 20:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 20:30:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 20:30:02 - <Info> - time elapsed 1774.110s
|
|
28/11/2019 -- 20:30:03 - <Info> - Alerts: 0
|
|
28/11/2019 -- 20:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 20:30:04 - <Notice> - Stats for 'eno4': pkts: 555578203, drop: 155145198 (27.92%), invalid chksum: 0
|
|
28/11/2019 -- 20:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 20:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 20:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 20:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 20:30:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 20:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 20:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 20:30:28 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 21:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 21:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 21:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 21:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 21:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 21:00:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 21:00:02 - <Info> - time elapsed 1774.242s
|
|
28/11/2019 -- 21:00:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 21:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 21:00:05 - <Notice> - Stats for 'eno4': pkts: 549679353, drop: 143510586 (26.11%), invalid chksum: 0
|
|
28/11/2019 -- 21:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 21:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 21:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 21:00:29 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 21:00:29 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 21:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 21:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 21:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 21:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 21:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 21:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 21:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 21:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 21:30:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 21:30:02 - <Info> - time elapsed 1772.838s
|
|
28/11/2019 -- 21:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 21:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 21:30:04 - <Notice> - Stats for 'eno4': pkts: 558688831, drop: 158855212 (28.43%), invalid chksum: 0
|
|
28/11/2019 -- 21:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 21:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 21:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 21:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 21:30:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 21:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 21:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 21:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 22:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 22:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 22:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 22:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 22:00:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 22:00:02 - <Info> - time elapsed 1773.876s
|
|
28/11/2019 -- 22:00:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 22:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 22:00:05 - <Notice> - Stats for 'eno4': pkts: 545921525, drop: 140871789 (25.80%), invalid chksum: 0
|
|
28/11/2019 -- 22:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 22:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 22:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 22:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 22:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 22:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 22:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 22:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 22:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 22:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 22:30:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 22:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 22:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 22:30:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 22:30:01 - <Info> - time elapsed 1773.152s
|
|
28/11/2019 -- 22:30:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 22:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 22:30:04 - <Notice> - Stats for 'eno4': pkts: 495751406, drop: 123588753 (24.93%), invalid chksum: 0
|
|
28/11/2019 -- 22:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 22:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 22:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 22:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 22:30:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 22:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 22:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 22:30:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 23:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
28/11/2019 -- 23:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 23:00:01 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 23:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 23:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 23:00:01 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 23:00:02 - <Info> - time elapsed 1773.748s
|
|
28/11/2019 -- 23:00:04 - <Info> - Alerts: 0
|
|
28/11/2019 -- 23:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
28/11/2019 -- 23:00:04 - <Notice> - Stats for 'eno4': pkts: 570558057, drop: 146448110 (25.67%), invalid chksum: 0
|
|
28/11/2019 -- 23:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 23:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 23:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 23:00:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 23:00:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 23:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 23:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 23:00:29 - <Info> - All AFP capture threads are running.
|
|
28/11/2019 -- 23:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
28/11/2019 -- 23:30:02 - <Info> - CPUs/cores online: 12
|
|
28/11/2019 -- 23:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
28/11/2019 -- 23:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
28/11/2019 -- 23:30:02 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 23:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
28/11/2019 -- 23:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
28/11/2019 -- 23:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
28/11/2019 -- 23:30:28 - <Info> - Going to use 12 thread(s)
|
|
28/11/2019 -- 23:30:28 - <Info> - Running in live mode, activating unix socket
|
|
28/11/2019 -- 23:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
28/11/2019 -- 23:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
28/11/2019 -- 23:30:28 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 00:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 00:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 00:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 00:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 00:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 00:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 00:00:01 - <Info> - time elapsed 1773.571s
|
|
29/11/2019 -- 00:00:03 - <Info> - Alerts: 0
|
|
29/11/2019 -- 00:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 00:00:04 - <Notice> - Stats for 'eno4': pkts: 577420393, drop: 214290760 (37.11%), invalid chksum: 0
|
|
29/11/2019 -- 00:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 00:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 00:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 00:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 00:00:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 00:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 00:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 00:00:28 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 00:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 00:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 00:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 00:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 00:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 00:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 00:30:02 - <Info> - time elapsed 1774.109s
|
|
29/11/2019 -- 00:30:05 - <Info> - Alerts: 0
|
|
29/11/2019 -- 00:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 00:30:05 - <Notice> - Stats for 'eno4': pkts: 529103275, drop: 139091113 (26.29%), invalid chksum: 0
|
|
29/11/2019 -- 00:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 00:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 00:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 00:30:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 00:30:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 00:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 00:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 00:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 01:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 01:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 01:00:02 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 01:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 01:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 01:00:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 01:00:02 - <Info> - time elapsed 1774.127s
|
|
29/11/2019 -- 01:00:05 - <Info> - Alerts: 0
|
|
29/11/2019 -- 01:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 01:00:05 - <Notice> - Stats for 'eno4': pkts: 489886651, drop: 119811899 (24.46%), invalid chksum: 0
|
|
29/11/2019 -- 01:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 01:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 01:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 01:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 01:00:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 01:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 01:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 01:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 01:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 01:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 01:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 01:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 01:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 01:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 01:30:02 - <Info> - time elapsed 1773.097s
|
|
29/11/2019 -- 01:30:03 - <Info> - Alerts: 0
|
|
29/11/2019 -- 01:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 01:30:04 - <Notice> - Stats for 'eno4': pkts: 658811450, drop: 248336629 (37.69%), invalid chksum: 0
|
|
29/11/2019 -- 01:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 01:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 01:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 01:30:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 01:30:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 01:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 01:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 01:30:28 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 02:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 02:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 02:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 02:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 02:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 02:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 02:00:02 - <Info> - time elapsed 1774.278s
|
|
29/11/2019 -- 02:00:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 02:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 02:00:04 - <Notice> - Stats for 'eno4': pkts: 522044750, drop: 167649096 (32.11%), invalid chksum: 0
|
|
29/11/2019 -- 02:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 02:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 02:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 02:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 02:00:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 02:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 02:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 02:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 02:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 02:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 02:30:02 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 02:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 02:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 02:30:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 02:30:03 - <Info> - time elapsed 1775.173s
|
|
29/11/2019 -- 02:30:05 - <Info> - Alerts: 0
|
|
29/11/2019 -- 02:30:06 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 02:30:06 - <Notice> - Stats for 'eno4': pkts: 561392351, drop: 179227648 (31.93%), invalid chksum: 0
|
|
29/11/2019 -- 02:30:11 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 02:30:11 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 02:30:11 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 02:30:30 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 02:30:30 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 02:30:30 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 02:30:30 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 02:30:30 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 03:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 03:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 03:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 03:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 03:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 03:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 03:00:02 - <Info> - time elapsed 1772.126s
|
|
29/11/2019 -- 03:00:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 03:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 03:00:04 - <Notice> - Stats for 'eno4': pkts: 543384191, drop: 144380548 (26.57%), invalid chksum: 0
|
|
29/11/2019 -- 03:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 03:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 03:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 03:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 03:00:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 03:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 03:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 03:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 03:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 03:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 03:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 03:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 03:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 03:30:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 03:30:02 - <Info> - time elapsed 1774.137s
|
|
29/11/2019 -- 03:30:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 03:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 03:30:05 - <Notice> - Stats for 'eno4': pkts: 706417306, drop: 249543022 (35.33%), invalid chksum: 0
|
|
29/11/2019 -- 03:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 03:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 03:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 03:30:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 03:30:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 03:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 03:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 03:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 04:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 04:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 04:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 04:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 04:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 04:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 04:00:01 - <Info> - time elapsed 1772.959s
|
|
29/11/2019 -- 04:00:03 - <Info> - Alerts: 0
|
|
29/11/2019 -- 04:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 04:00:04 - <Notice> - Stats for 'eno4': pkts: 633720593, drop: 179583900 (28.34%), invalid chksum: 0
|
|
29/11/2019 -- 04:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 04:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 04:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 04:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 04:00:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 04:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 04:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 04:00:28 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 04:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 04:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 04:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 04:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 04:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 04:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 04:30:02 - <Info> - time elapsed 1773.979s
|
|
29/11/2019 -- 04:30:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 04:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 04:30:04 - <Notice> - Stats for 'eno4': pkts: 579213883, drop: 161265077 (27.84%), invalid chksum: 0
|
|
29/11/2019 -- 04:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 04:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 04:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 04:30:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 04:30:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 04:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 04:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 04:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 05:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 05:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 05:00:02 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 05:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 05:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 05:00:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 05:00:02 - <Info> - time elapsed 1773.682s
|
|
29/11/2019 -- 05:00:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 05:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 05:00:05 - <Notice> - Stats for 'eno4': pkts: 544338959, drop: 150847203 (27.71%), invalid chksum: 0
|
|
29/11/2019 -- 05:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 05:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 05:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 05:00:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 05:00:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 05:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 05:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 05:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 05:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 05:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 05:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 05:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 05:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 05:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 05:30:02 - <Info> - time elapsed 1773.023s
|
|
29/11/2019 -- 05:30:03 - <Info> - Alerts: 0
|
|
29/11/2019 -- 05:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 05:30:04 - <Notice> - Stats for 'eno4': pkts: 567515854, drop: 172545587 (30.40%), invalid chksum: 0
|
|
29/11/2019 -- 05:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 05:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 05:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 05:30:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 05:30:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 05:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 05:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 05:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 06:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 06:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 06:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 06:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 06:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 06:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 06:00:02 - <Info> - time elapsed 1773.958s
|
|
29/11/2019 -- 06:00:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 06:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 06:00:04 - <Notice> - Stats for 'eno4': pkts: 531225105, drop: 184906489 (34.81%), invalid chksum: 0
|
|
29/11/2019 -- 06:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 06:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 06:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 06:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 06:00:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 06:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 06:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 06:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 06:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 06:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 06:30:02 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 06:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 06:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 06:30:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 06:30:02 - <Info> - time elapsed 1774.326s
|
|
29/11/2019 -- 06:30:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 06:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 06:30:05 - <Notice> - Stats for 'eno4': pkts: 552604834, drop: 191081252 (34.58%), invalid chksum: 0
|
|
29/11/2019 -- 06:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 06:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 06:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 06:30:30 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 06:30:30 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 06:30:30 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 06:30:30 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 06:30:31 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 07:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 07:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 07:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 07:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 07:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 07:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 07:00:02 - <Info> - time elapsed 1771.294s
|
|
29/11/2019 -- 07:00:03 - <Info> - Alerts: 0
|
|
29/11/2019 -- 07:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 07:00:04 - <Notice> - Stats for 'eno4': pkts: 516950852, drop: 148334473 (28.69%), invalid chksum: 0
|
|
29/11/2019 -- 07:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 07:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 07:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 07:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 07:00:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 07:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 07:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 07:00:28 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 07:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 07:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 07:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 07:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 07:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 07:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 07:30:02 - <Info> - time elapsed 1774.244s
|
|
29/11/2019 -- 07:30:05 - <Info> - Alerts: 0
|
|
29/11/2019 -- 07:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 07:30:05 - <Notice> - Stats for 'eno4': pkts: 501846673, drop: 126640259 (25.23%), invalid chksum: 5
|
|
29/11/2019 -- 07:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 07:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 07:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 07:30:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 07:30:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 07:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 07:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 07:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 08:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 08:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 08:00:02 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 08:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 08:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 08:00:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 08:00:02 - <Info> - time elapsed 1773.869s
|
|
29/11/2019 -- 08:00:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 08:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 08:00:05 - <Notice> - Stats for 'eno4': pkts: 523119408, drop: 140985170 (26.95%), invalid chksum: 0
|
|
29/11/2019 -- 08:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 08:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 08:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 08:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 08:00:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 08:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 08:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 08:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 08:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 08:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 08:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 08:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 08:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 08:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 08:30:02 - <Info> - time elapsed 1773.059s
|
|
29/11/2019 -- 08:30:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 08:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 08:30:04 - <Notice> - Stats for 'eno4': pkts: 567364629, drop: 151626565 (26.72%), invalid chksum: 0
|
|
29/11/2019 -- 08:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 08:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 08:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 08:30:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 08:30:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 08:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 08:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 08:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 09:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 09:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 09:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 09:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 09:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 09:00:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 09:00:02 - <Info> - time elapsed 1773.896s
|
|
29/11/2019 -- 09:00:05 - <Info> - Alerts: 0
|
|
29/11/2019 -- 09:00:06 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 09:00:06 - <Notice> - Stats for 'eno4': pkts: 529291747, drop: 135894973 (25.67%), invalid chksum: 0
|
|
29/11/2019 -- 09:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 09:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 09:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 09:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 09:00:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 09:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 09:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 09:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 09:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 09:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 09:30:02 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 09:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 09:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 09:30:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 09:30:03 - <Info> - time elapsed 1774.149s
|
|
29/11/2019 -- 09:30:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 09:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 09:30:05 - <Notice> - Stats for 'eno4': pkts: 532818960, drop: 141817214 (26.62%), invalid chksum: 0
|
|
29/11/2019 -- 09:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 09:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 09:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 09:30:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 09:30:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 09:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 09:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 09:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 10:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 10:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 10:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 10:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 10:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 10:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 10:00:02 - <Info> - time elapsed 1772.990s
|
|
29/11/2019 -- 10:00:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 10:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 10:00:04 - <Notice> - Stats for 'eno4': pkts: 567188606, drop: 144358246 (25.45%), invalid chksum: 0
|
|
29/11/2019 -- 10:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 10:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 10:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 10:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 10:00:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 10:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 10:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 10:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 10:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 10:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 10:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 10:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 10:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 10:30:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 10:30:02 - <Info> - time elapsed 1773.970s
|
|
29/11/2019 -- 10:30:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 10:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 10:30:05 - <Notice> - Stats for 'eno4': pkts: 576423537, drop: 157645420 (27.35%), invalid chksum: 0
|
|
29/11/2019 -- 10:30:11 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 10:30:11 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 10:30:11 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 10:30:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 10:30:30 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 10:30:30 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 10:30:30 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 10:30:30 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 11:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 11:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 11:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 11:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 11:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 11:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 11:00:02 - <Info> - time elapsed 1772.059s
|
|
29/11/2019 -- 11:00:03 - <Info> - Alerts: 0
|
|
29/11/2019 -- 11:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 11:00:04 - <Notice> - Stats for 'eno4': pkts: 545477432, drop: 176798820 (32.41%), invalid chksum: 0
|
|
29/11/2019 -- 11:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 11:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 11:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 11:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 11:00:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 11:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 11:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 11:00:28 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 11:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 11:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 11:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 11:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 11:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 11:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 11:30:02 - <Info> - time elapsed 1774.319s
|
|
29/11/2019 -- 11:30:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 11:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 11:30:05 - <Notice> - Stats for 'eno4': pkts: 554380266, drop: 146617897 (26.45%), invalid chksum: 0
|
|
29/11/2019 -- 11:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 11:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 11:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 11:30:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 11:30:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 11:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 11:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 11:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 12:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 12:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 12:00:02 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 12:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 12:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 12:00:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 12:00:03 - <Info> - time elapsed 1774.232s
|
|
29/11/2019 -- 12:00:05 - <Info> - Alerts: 0
|
|
29/11/2019 -- 12:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 12:00:05 - <Notice> - Stats for 'eno4': pkts: 576057350, drop: 156985285 (27.25%), invalid chksum: 0
|
|
29/11/2019 -- 12:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 12:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 12:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 12:00:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 12:00:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 12:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 12:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 12:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 12:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 12:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 12:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 12:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 12:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 12:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 12:30:02 - <Info> - time elapsed 1772.935s
|
|
29/11/2019 -- 12:30:03 - <Info> - Alerts: 0
|
|
29/11/2019 -- 12:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 12:30:04 - <Notice> - Stats for 'eno4': pkts: 600512207, drop: 155541010 (25.90%), invalid chksum: 0
|
|
29/11/2019 -- 12:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 12:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 12:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 12:30:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 12:30:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 12:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 12:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 12:30:28 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 13:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 13:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 13:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 13:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 13:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 13:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 13:00:02 - <Info> - time elapsed 1774.383s
|
|
29/11/2019 -- 13:00:05 - <Info> - Alerts: 0
|
|
29/11/2019 -- 13:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 13:00:05 - <Notice> - Stats for 'eno4': pkts: 577407426, drop: 147661241 (25.57%), invalid chksum: 0
|
|
29/11/2019 -- 13:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 13:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 13:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 13:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 13:00:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 13:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 13:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 13:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 13:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 13:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 13:30:02 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 13:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 13:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 13:30:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 13:30:03 - <Info> - time elapsed 1774.270s
|
|
29/11/2019 -- 13:30:05 - <Info> - Alerts: 0
|
|
29/11/2019 -- 13:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 13:30:05 - <Notice> - Stats for 'eno4': pkts: 558944167, drop: 148840463 (26.63%), invalid chksum: 0
|
|
29/11/2019 -- 13:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 13:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 13:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 13:30:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 13:30:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 13:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 13:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 13:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 14:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 14:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 14:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 14:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 14:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 14:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 14:00:02 - <Info> - time elapsed 1772.838s
|
|
29/11/2019 -- 14:00:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 14:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 14:00:04 - <Notice> - Stats for 'eno4': pkts: 565321826, drop: 138121460 (24.43%), invalid chksum: 0
|
|
29/11/2019 -- 14:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 14:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 14:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 14:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 14:00:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 14:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 14:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 14:00:28 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 14:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 14:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 14:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 14:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 14:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 14:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 14:30:02 - <Info> - time elapsed 1774.260s
|
|
29/11/2019 -- 14:30:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 14:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 14:30:05 - <Notice> - Stats for 'eno4': pkts: 576141539, drop: 145491081 (25.25%), invalid chksum: 0
|
|
29/11/2019 -- 14:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 14:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 14:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 14:30:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 14:30:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 14:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 14:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 14:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 15:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 15:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 15:00:02 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 15:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 15:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 15:00:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 15:00:03 - <Info> - time elapsed 1774.359s
|
|
29/11/2019 -- 15:00:05 - <Info> - Alerts: 0
|
|
29/11/2019 -- 15:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 15:00:05 - <Notice> - Stats for 'eno4': pkts: 567796510, drop: 146796493 (25.85%), invalid chksum: 0
|
|
29/11/2019 -- 15:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 15:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 15:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 15:00:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 15:00:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 15:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 15:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 15:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 15:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 15:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 15:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 15:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 15:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 15:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 15:30:02 - <Info> - time elapsed 1772.771s
|
|
29/11/2019 -- 15:30:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 15:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 15:30:04 - <Notice> - Stats for 'eno4': pkts: 578247827, drop: 148499247 (25.68%), invalid chksum: 0
|
|
29/11/2019 -- 15:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 15:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 15:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 15:30:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 15:30:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 15:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 15:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 15:30:28 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 16:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 16:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 16:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 16:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 16:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 16:00:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 16:00:02 - <Info> - time elapsed 1774.386s
|
|
29/11/2019 -- 16:00:05 - <Info> - Alerts: 0
|
|
29/11/2019 -- 16:00:06 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 16:00:06 - <Notice> - Stats for 'eno4': pkts: 604747295, drop: 150049217 (24.81%), invalid chksum: 0
|
|
29/11/2019 -- 16:00:11 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 16:00:11 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 16:00:11 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 16:00:30 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 16:00:30 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 16:00:30 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 16:00:30 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 16:00:30 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 16:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 16:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 16:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 16:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 16:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 16:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 16:30:02 - <Info> - time elapsed 1772.011s
|
|
29/11/2019 -- 16:30:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 16:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 16:30:04 - <Notice> - Stats for 'eno4': pkts: 620164675, drop: 196000749 (31.60%), invalid chksum: 0
|
|
29/11/2019 -- 16:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 16:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 16:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 16:30:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 16:30:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 16:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 16:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 16:30:28 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 17:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 17:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 17:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 17:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 17:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 17:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 17:00:02 - <Info> - time elapsed 1773.868s
|
|
29/11/2019 -- 17:00:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 17:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 17:00:05 - <Notice> - Stats for 'eno4': pkts: 595414208, drop: 148844166 (25.00%), invalid chksum: 0
|
|
29/11/2019 -- 17:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 17:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 17:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 17:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 17:00:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 17:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 17:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 17:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 17:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 17:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 17:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 17:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 17:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 17:30:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 17:30:03 - <Info> - time elapsed 1774.307s
|
|
29/11/2019 -- 17:30:05 - <Info> - Alerts: 0
|
|
29/11/2019 -- 17:30:06 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 17:30:06 - <Notice> - Stats for 'eno4': pkts: 595508578, drop: 222690245 (37.39%), invalid chksum: 0
|
|
29/11/2019 -- 17:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 17:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 17:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 17:30:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 17:30:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 17:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 17:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 17:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 18:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 18:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 18:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 18:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 18:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 18:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 18:00:02 - <Info> - time elapsed 1773.025s
|
|
29/11/2019 -- 18:00:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 18:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 18:00:04 - <Notice> - Stats for 'eno4': pkts: 605337136, drop: 182258913 (30.11%), invalid chksum: 0
|
|
29/11/2019 -- 18:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 18:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 18:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 18:00:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 18:00:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 18:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 18:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 18:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 18:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 18:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 18:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 18:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 18:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 18:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 18:30:02 - <Info> - time elapsed 1773.052s
|
|
29/11/2019 -- 18:30:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 18:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 18:30:05 - <Notice> - Stats for 'eno4': pkts: 618594240, drop: 151525595 (24.50%), invalid chksum: 0
|
|
29/11/2019 -- 18:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 18:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 18:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 18:30:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 18:30:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 18:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 18:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 18:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 19:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 19:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 19:00:02 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 19:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 19:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 19:00:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 19:00:02 - <Info> - time elapsed 1773.685s
|
|
29/11/2019 -- 19:00:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 19:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 19:00:05 - <Notice> - Stats for 'eno4': pkts: 582585087, drop: 150022427 (25.75%), invalid chksum: 0
|
|
29/11/2019 -- 19:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 19:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 19:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 19:00:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 19:00:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 19:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 19:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 19:00:30 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 19:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 19:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 19:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 19:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 19:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 19:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 19:30:02 - <Info> - time elapsed 1772.756s
|
|
29/11/2019 -- 19:30:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 19:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 19:30:05 - <Notice> - Stats for 'eno4': pkts: 603801072, drop: 149590847 (24.77%), invalid chksum: 0
|
|
29/11/2019 -- 19:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 19:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 19:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 19:30:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 19:30:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 19:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 19:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 19:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 20:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 20:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 20:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 20:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 20:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 20:00:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 20:00:03 - <Info> - time elapsed 1774.194s
|
|
29/11/2019 -- 20:00:06 - <Info> - Alerts: 0
|
|
29/11/2019 -- 20:00:07 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 20:00:07 - <Notice> - Stats for 'eno4': pkts: 636447760, drop: 198592974 (31.20%), invalid chksum: 0
|
|
29/11/2019 -- 20:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 20:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 20:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 20:00:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 20:00:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 20:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 20:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 20:00:30 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 20:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 20:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 20:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 20:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 20:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 20:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 20:30:02 - <Info> - time elapsed 1772.435s
|
|
29/11/2019 -- 20:30:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 20:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 20:30:05 - <Notice> - Stats for 'eno4': pkts: 600998944, drop: 147852259 (24.60%), invalid chksum: 0
|
|
29/11/2019 -- 20:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 20:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 20:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 20:30:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 20:30:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 20:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 20:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 20:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 21:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 21:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 21:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 21:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 21:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 21:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 21:00:02 - <Info> - time elapsed 1774.069s
|
|
29/11/2019 -- 21:00:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 21:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 21:00:05 - <Notice> - Stats for 'eno4': pkts: 555249840, drop: 137254174 (24.72%), invalid chksum: 0
|
|
29/11/2019 -- 21:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 21:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 21:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 21:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 21:00:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 21:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 21:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 21:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 21:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 21:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 21:30:02 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 21:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 21:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 21:30:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 21:30:02 - <Info> - time elapsed 1774.171s
|
|
29/11/2019 -- 21:30:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 21:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 21:30:05 - <Notice> - Stats for 'eno4': pkts: 576568599, drop: 158401761 (27.47%), invalid chksum: 0
|
|
29/11/2019 -- 21:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 21:30:11 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 21:30:11 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 21:30:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 21:30:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 21:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 21:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 21:30:30 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 22:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 22:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 22:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 22:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 22:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 22:00:02 - <Info> - time elapsed 1772.551s
|
|
29/11/2019 -- 22:00:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 22:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 22:00:04 - <Notice> - Stats for 'eno4': pkts: 564326285, drop: 141894680 (25.14%), invalid chksum: 0
|
|
29/11/2019 -- 22:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 22:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 22:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 22:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 22:00:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 22:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 22:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 22:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 22:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 22:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 22:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 22:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 22:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 22:30:02 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 22:30:02 - <Info> - time elapsed 1773.889s
|
|
29/11/2019 -- 22:30:05 - <Info> - Alerts: 0
|
|
29/11/2019 -- 22:30:06 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 22:30:06 - <Notice> - Stats for 'eno4': pkts: 599332609, drop: 152941712 (25.52%), invalid chksum: 0
|
|
29/11/2019 -- 22:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 22:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 22:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 22:30:29 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 22:30:29 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 22:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 22:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 22:30:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 23:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 23:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 23:00:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 23:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 23:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 23:00:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 23:00:02 - <Info> - time elapsed 1773.027s
|
|
29/11/2019 -- 23:00:04 - <Info> - Alerts: 0
|
|
29/11/2019 -- 23:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 23:00:05 - <Notice> - Stats for 'eno4': pkts: 559381097, drop: 144281315 (25.79%), invalid chksum: 0
|
|
29/11/2019 -- 23:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 23:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 23:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 23:00:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 23:00:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 23:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 23:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 23:00:29 - <Info> - All AFP capture threads are running.
|
|
29/11/2019 -- 23:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
29/11/2019 -- 23:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
29/11/2019 -- 23:30:01 - <Info> - CPUs/cores online: 12
|
|
29/11/2019 -- 23:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
29/11/2019 -- 23:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
29/11/2019 -- 23:30:01 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 23:30:02 - <Info> - time elapsed 1774.169s
|
|
29/11/2019 -- 23:30:05 - <Info> - Alerts: 0
|
|
29/11/2019 -- 23:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
29/11/2019 -- 23:30:05 - <Notice> - Stats for 'eno4': pkts: 644903148, drop: 164368600 (25.49%), invalid chksum: 0
|
|
29/11/2019 -- 23:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
29/11/2019 -- 23:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
29/11/2019 -- 23:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
29/11/2019 -- 23:30:28 - <Info> - Going to use 12 thread(s)
|
|
29/11/2019 -- 23:30:28 - <Info> - Running in live mode, activating unix socket
|
|
29/11/2019 -- 23:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
29/11/2019 -- 23:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
29/11/2019 -- 23:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 00:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 00:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 00:00:02 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 00:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 00:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 00:00:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 00:00:03 - <Info> - time elapsed 1774.304s
|
|
30/11/2019 -- 00:00:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 00:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 00:00:05 - <Notice> - Stats for 'eno4': pkts: 585951406, drop: 149074226 (25.44%), invalid chksum: 0
|
|
30/11/2019 -- 00:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 00:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 00:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 00:00:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 00:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 00:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 00:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 00:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 00:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 00:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 00:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 00:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 00:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 00:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 00:30:02 - <Info> - time elapsed 1773.257s
|
|
30/11/2019 -- 00:30:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 00:30:06 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 00:30:06 - <Notice> - Stats for 'eno4': pkts: 543827822, drop: 133559438 (24.56%), invalid chksum: 0
|
|
30/11/2019 -- 00:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 00:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 00:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 00:30:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 00:30:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 00:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 00:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 00:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 01:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 01:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 01:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 01:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 01:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 01:00:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 01:00:02 - <Info> - time elapsed 1773.829s
|
|
30/11/2019 -- 01:00:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 01:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 01:00:05 - <Notice> - Stats for 'eno4': pkts: 516359811, drop: 159806879 (30.95%), invalid chksum: 0
|
|
30/11/2019 -- 01:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 01:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 01:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 01:00:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 01:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 01:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 01:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 01:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 01:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 01:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 01:30:02 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 01:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 01:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 01:30:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 01:30:02 - <Info> - time elapsed 1774.035s
|
|
30/11/2019 -- 01:30:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 01:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 01:30:05 - <Notice> - Stats for 'eno4': pkts: 712289101, drop: 216323836 (30.37%), invalid chksum: 0
|
|
30/11/2019 -- 01:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 01:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 01:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 01:30:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 01:30:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 01:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 01:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 01:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 02:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 02:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 02:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 02:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 02:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 02:00:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 02:00:02 - <Info> - time elapsed 1773.162s
|
|
30/11/2019 -- 02:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 02:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 02:00:05 - <Notice> - Stats for 'eno4': pkts: 562357889, drop: 182017300 (32.37%), invalid chksum: 0
|
|
30/11/2019 -- 02:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 02:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 02:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 02:00:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 02:00:30 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 02:00:30 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 02:00:30 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 02:00:30 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 02:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 02:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 02:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 02:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 02:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 02:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 02:30:02 - <Info> - time elapsed 1772.731s
|
|
30/11/2019 -- 02:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 02:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 02:30:05 - <Notice> - Stats for 'eno4': pkts: 561009770, drop: 133036081 (23.71%), invalid chksum: 0
|
|
30/11/2019 -- 02:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 02:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 02:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 02:30:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 02:30:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 02:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 02:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 02:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 03:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 03:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 03:00:02 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 03:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 03:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 03:00:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 03:00:03 - <Info> - time elapsed 1774.148s
|
|
30/11/2019 -- 03:00:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 03:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 03:00:05 - <Notice> - Stats for 'eno4': pkts: 549064029, drop: 140827316 (25.65%), invalid chksum: 0
|
|
30/11/2019 -- 03:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 03:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 03:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 03:00:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 03:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 03:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 03:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 03:00:30 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 03:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 03:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 03:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 03:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 03:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 03:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 03:30:02 - <Info> - time elapsed 1772.867s
|
|
30/11/2019 -- 03:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 03:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 03:30:05 - <Notice> - Stats for 'eno4': pkts: 669930069, drop: 198428912 (29.62%), invalid chksum: 0
|
|
30/11/2019 -- 03:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 03:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 03:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 03:30:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 03:30:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 03:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 03:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 03:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 04:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 04:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 04:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 04:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 04:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 04:00:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 04:00:02 - <Info> - time elapsed 1774.065s
|
|
30/11/2019 -- 04:00:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 04:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 04:00:05 - <Notice> - Stats for 'eno4': pkts: 566217335, drop: 149746103 (26.45%), invalid chksum: 0
|
|
30/11/2019 -- 04:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 04:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 04:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 04:00:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 04:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 04:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 04:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 04:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 04:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 04:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 04:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 04:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 04:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 04:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 04:30:02 - <Info> - time elapsed 1772.908s
|
|
30/11/2019 -- 04:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 04:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 04:30:04 - <Notice> - Stats for 'eno4': pkts: 571989803, drop: 155114960 (27.12%), invalid chksum: 0
|
|
30/11/2019 -- 04:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 04:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 04:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 04:30:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 04:30:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 04:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 04:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 04:30:28 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 05:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 05:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 05:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 05:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 05:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 05:00:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 05:00:02 - <Info> - time elapsed 1774.228s
|
|
30/11/2019 -- 05:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 05:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 05:00:05 - <Notice> - Stats for 'eno4': pkts: 549491834, drop: 149028578 (27.12%), invalid chksum: 0
|
|
30/11/2019 -- 05:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 05:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 05:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 05:00:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 05:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 05:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 05:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 05:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 05:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 05:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 05:30:02 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 05:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 05:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 05:30:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 05:30:03 - <Info> - time elapsed 1774.607s
|
|
30/11/2019 -- 05:30:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 05:30:06 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 05:30:06 - <Notice> - Stats for 'eno4': pkts: 566118227, drop: 147467355 (26.05%), invalid chksum: 0
|
|
30/11/2019 -- 05:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 05:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 05:30:11 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 05:30:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 05:30:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 05:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 05:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 05:30:30 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 06:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 06:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 06:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 06:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 06:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 06:00:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 06:00:02 - <Info> - time elapsed 1772.716s
|
|
30/11/2019 -- 06:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 06:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 06:00:05 - <Notice> - Stats for 'eno4': pkts: 518623111, drop: 147936597 (28.52%), invalid chksum: 0
|
|
30/11/2019 -- 06:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 06:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 06:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 06:00:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 06:00:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 06:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 06:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 06:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 06:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 06:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 06:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 06:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 06:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 06:30:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 06:30:03 - <Info> - time elapsed 1774.763s
|
|
30/11/2019 -- 06:30:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 06:30:06 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 06:30:06 - <Notice> - Stats for 'eno4': pkts: 576960129, drop: 165830594 (28.74%), invalid chksum: 0
|
|
30/11/2019 -- 06:30:11 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 06:30:11 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 06:30:11 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 06:30:31 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 06:30:31 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 06:30:31 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 06:30:31 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 06:30:32 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 07:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 07:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 07:00:02 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 07:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 07:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 07:00:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 07:00:03 - <Info> - time elapsed 1771.560s
|
|
30/11/2019 -- 07:00:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 07:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 07:00:05 - <Notice> - Stats for 'eno4': pkts: 550183893, drop: 158794987 (28.86%), invalid chksum: 0
|
|
30/11/2019 -- 07:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 07:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 07:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 07:00:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 07:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 07:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 07:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 07:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 07:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 07:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 07:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 07:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 07:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 07:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 07:30:02 - <Info> - time elapsed 1773.316s
|
|
30/11/2019 -- 07:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 07:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 07:30:04 - <Notice> - Stats for 'eno4': pkts: 544396039, drop: 140613281 (25.83%), invalid chksum: 0
|
|
30/11/2019 -- 07:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 07:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 07:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 07:30:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 07:30:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 07:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 07:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 07:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 08:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 08:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 08:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 08:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 08:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 08:00:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 08:00:02 - <Info> - time elapsed 1774.243s
|
|
30/11/2019 -- 08:00:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 08:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 08:00:05 - <Notice> - Stats for 'eno4': pkts: 565980120, drop: 161809575 (28.59%), invalid chksum: 0
|
|
30/11/2019 -- 08:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 08:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 08:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 08:00:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 08:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 08:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 08:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 08:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 08:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 08:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 08:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 08:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 08:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 08:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 08:30:02 - <Info> - time elapsed 1772.983s
|
|
30/11/2019 -- 08:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 08:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 08:30:04 - <Notice> - Stats for 'eno4': pkts: 553643532, drop: 147235779 (26.59%), invalid chksum: 0
|
|
30/11/2019 -- 08:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 08:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 08:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 08:30:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 08:30:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 08:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 08:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 08:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 09:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 09:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 09:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 09:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 09:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 09:00:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 09:00:02 - <Info> - time elapsed 1772.986s
|
|
30/11/2019 -- 09:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 09:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 09:00:04 - <Notice> - Stats for 'eno4': pkts: 545892892, drop: 142298453 (26.07%), invalid chksum: 0
|
|
30/11/2019 -- 09:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 09:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 09:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 09:00:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 09:00:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 09:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 09:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 09:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 09:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 09:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 09:30:02 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 09:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 09:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 09:30:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 09:30:03 - <Info> - time elapsed 1774.613s
|
|
30/11/2019 -- 09:30:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 09:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 09:30:05 - <Notice> - Stats for 'eno4': pkts: 534947897, drop: 136264613 (25.47%), invalid chksum: 0
|
|
30/11/2019 -- 09:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 09:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 09:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 09:30:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 09:30:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 09:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 09:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 09:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 10:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 10:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 10:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 10:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 10:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 10:00:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 10:00:02 - <Info> - time elapsed 1773.037s
|
|
30/11/2019 -- 10:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 10:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 10:00:05 - <Notice> - Stats for 'eno4': pkts: 549701794, drop: 143576446 (26.12%), invalid chksum: 0
|
|
30/11/2019 -- 10:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 10:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 10:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 10:00:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 10:00:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 10:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 10:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 10:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 10:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 10:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 10:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 10:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 10:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 10:30:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 10:30:02 - <Info> - time elapsed 1774.445s
|
|
30/11/2019 -- 10:30:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 10:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 10:30:05 - <Notice> - Stats for 'eno4': pkts: 558774650, drop: 155789925 (27.88%), invalid chksum: 0
|
|
30/11/2019 -- 10:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 10:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 10:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 10:30:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 10:30:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 10:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 10:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 10:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 11:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 11:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 11:00:02 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 11:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 11:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 11:00:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 11:00:03 - <Info> - time elapsed 1774.226s
|
|
30/11/2019 -- 11:00:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 11:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 11:00:05 - <Notice> - Stats for 'eno4': pkts: 535543527, drop: 140476419 (26.23%), invalid chksum: 0
|
|
30/11/2019 -- 11:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 11:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 11:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 11:00:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 11:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 11:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 11:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 11:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 11:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 11:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 11:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 11:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 11:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 11:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 11:30:02 - <Info> - time elapsed 1773.196s
|
|
30/11/2019 -- 11:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 11:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 11:30:04 - <Notice> - Stats for 'eno4': pkts: 535613379, drop: 140544737 (26.24%), invalid chksum: 0
|
|
30/11/2019 -- 11:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 11:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 11:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 11:30:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 11:30:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 11:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 11:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 11:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 12:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 12:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 12:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 12:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 12:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 12:00:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 12:00:02 - <Info> - time elapsed 1774.009s
|
|
30/11/2019 -- 12:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 12:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 12:00:05 - <Notice> - Stats for 'eno4': pkts: 527837301, drop: 136675164 (25.89%), invalid chksum: 0
|
|
30/11/2019 -- 12:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 12:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 12:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 12:00:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 12:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 12:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 12:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 12:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 12:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 12:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 12:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 12:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 12:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 12:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 12:30:02 - <Info> - time elapsed 1772.880s
|
|
30/11/2019 -- 12:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 12:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 12:30:04 - <Notice> - Stats for 'eno4': pkts: 514600734, drop: 136680335 (26.56%), invalid chksum: 0
|
|
30/11/2019 -- 12:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 12:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 12:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 12:30:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 12:30:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 12:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 12:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 12:30:28 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 13:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 13:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 13:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 13:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 13:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 13:00:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 13:00:02 - <Info> - time elapsed 1774.359s
|
|
30/11/2019 -- 13:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 13:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 13:00:05 - <Notice> - Stats for 'eno4': pkts: 505819034, drop: 137543942 (27.19%), invalid chksum: 0
|
|
30/11/2019 -- 13:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 13:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 13:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 13:00:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 13:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 13:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 13:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 13:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 13:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 13:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 13:30:02 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 13:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 13:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 13:30:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 13:30:02 - <Info> - time elapsed 1774.050s
|
|
30/11/2019 -- 13:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 13:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 13:30:05 - <Notice> - Stats for 'eno4': pkts: 514901482, drop: 151269843 (29.38%), invalid chksum: 0
|
|
30/11/2019 -- 13:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 13:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 13:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 13:30:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 13:30:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 13:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 13:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 13:30:30 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 14:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 14:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 14:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 14:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 14:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 14:00:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 14:00:02 - <Info> - time elapsed 1772.736s
|
|
30/11/2019 -- 14:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 14:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 14:00:04 - <Notice> - Stats for 'eno4': pkts: 493287027, drop: 142408498 (28.87%), invalid chksum: 0
|
|
30/11/2019 -- 14:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 14:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 14:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 14:00:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 14:00:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 14:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 14:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 14:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 14:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 14:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 14:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 14:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 14:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 14:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 14:30:02 - <Info> - time elapsed 1773.956s
|
|
30/11/2019 -- 14:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 14:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 14:30:04 - <Notice> - Stats for 'eno4': pkts: 534721637, drop: 181009971 (33.85%), invalid chksum: 0
|
|
30/11/2019 -- 14:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 14:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 14:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 14:30:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 14:30:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 14:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 14:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 14:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 15:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 15:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 15:00:02 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 15:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 15:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 15:00:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 15:00:02 - <Info> - time elapsed 1774.306s
|
|
30/11/2019 -- 15:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 15:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 15:00:05 - <Notice> - Stats for 'eno4': pkts: 517925842, drop: 135227800 (26.11%), invalid chksum: 0
|
|
30/11/2019 -- 15:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 15:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 15:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 15:00:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 15:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 15:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 15:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 15:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 15:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 15:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 15:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 15:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 15:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 15:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 15:30:02 - <Info> - time elapsed 1773.365s
|
|
30/11/2019 -- 15:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 15:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 15:30:04 - <Notice> - Stats for 'eno4': pkts: 563216912, drop: 149026485 (26.46%), invalid chksum: 0
|
|
30/11/2019 -- 15:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 15:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 15:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 15:30:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 15:30:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 15:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 15:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 15:30:28 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 16:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 16:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 16:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 16:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 16:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 16:00:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 16:00:02 - <Info> - time elapsed 1774.114s
|
|
30/11/2019 -- 16:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 16:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 16:00:05 - <Notice> - Stats for 'eno4': pkts: 581986293, drop: 151841157 (26.09%), invalid chksum: 0
|
|
30/11/2019 -- 16:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 16:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 16:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 16:00:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 16:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 16:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 16:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 16:00:30 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 16:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 16:30:02 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 16:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 16:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 16:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 16:30:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 16:30:03 - <Info> - time elapsed 1773.864s
|
|
30/11/2019 -- 16:30:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 16:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 16:30:05 - <Notice> - Stats for 'eno4': pkts: 580332032, drop: 150905322 (26.00%), invalid chksum: 0
|
|
30/11/2019 -- 16:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 16:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 16:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 16:30:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 16:30:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 16:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 16:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 16:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 17:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 17:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 17:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 17:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 17:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 17:00:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 17:00:02 - <Info> - time elapsed 1773.145s
|
|
30/11/2019 -- 17:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 17:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 17:00:05 - <Notice> - Stats for 'eno4': pkts: 542748161, drop: 159262549 (29.34%), invalid chksum: 0
|
|
30/11/2019 -- 17:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 17:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 17:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 17:00:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 17:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 17:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 17:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 17:00:30 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 17:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 17:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 17:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 17:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 17:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 17:30:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 17:30:02 - <Info> - time elapsed 1773.290s
|
|
30/11/2019 -- 17:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 17:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 17:30:05 - <Notice> - Stats for 'eno4': pkts: 573702471, drop: 147706533 (25.75%), invalid chksum: 0
|
|
30/11/2019 -- 17:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 17:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 17:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 17:30:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 17:30:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 17:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 17:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 17:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 18:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 18:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 18:00:02 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 18:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 18:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 18:00:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 18:00:03 - <Info> - time elapsed 1773.754s
|
|
30/11/2019 -- 18:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 18:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 18:00:05 - <Notice> - Stats for 'eno4': pkts: 557448941, drop: 188537663 (33.82%), invalid chksum: 0
|
|
30/11/2019 -- 18:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 18:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 18:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 18:00:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 18:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 18:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 18:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 18:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 18:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 18:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 18:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 18:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 18:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 18:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 18:30:02 - <Info> - time elapsed 1773.332s
|
|
30/11/2019 -- 18:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 18:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 18:30:04 - <Notice> - Stats for 'eno4': pkts: 573530167, drop: 147775487 (25.77%), invalid chksum: 0
|
|
30/11/2019 -- 18:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 18:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 18:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 18:30:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 18:30:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 18:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 18:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 18:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 19:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 19:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 19:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 19:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 19:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 19:00:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 19:00:02 - <Info> - time elapsed 1774.316s
|
|
30/11/2019 -- 19:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 19:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 19:00:05 - <Notice> - Stats for 'eno4': pkts: 534035012, drop: 148016257 (27.72%), invalid chksum: 0
|
|
30/11/2019 -- 19:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 19:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 19:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 19:00:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 19:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 19:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 19:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 19:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 19:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 19:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 19:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 19:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 19:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 19:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 19:30:01 - <Info> - time elapsed 1772.987s
|
|
30/11/2019 -- 19:30:03 - <Info> - Alerts: 0
|
|
30/11/2019 -- 19:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 19:30:04 - <Notice> - Stats for 'eno4': pkts: 520856312, drop: 132060117 (25.35%), invalid chksum: 0
|
|
30/11/2019 -- 19:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 19:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 19:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 19:30:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 19:30:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 19:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 19:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 19:30:28 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 20:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 20:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 20:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 20:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 20:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 20:00:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 20:00:02 - <Info> - time elapsed 1774.363s
|
|
30/11/2019 -- 20:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 20:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 20:00:04 - <Notice> - Stats for 'eno4': pkts: 521187442, drop: 130379059 (25.02%), invalid chksum: 0
|
|
30/11/2019 -- 20:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 20:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 20:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 20:00:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 20:00:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 20:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 20:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 20:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 20:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 20:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 20:30:02 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 20:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 20:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 20:30:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 20:30:02 - <Info> - time elapsed 1774.255s
|
|
30/11/2019 -- 20:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 20:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 20:30:05 - <Notice> - Stats for 'eno4': pkts: 524336220, drop: 135214390 (25.79%), invalid chksum: 0
|
|
30/11/2019 -- 20:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 20:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 20:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 20:30:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 20:30:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 20:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 20:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 20:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 21:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 21:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 21:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 21:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 21:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 21:00:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 21:00:02 - <Info> - time elapsed 1772.806s
|
|
30/11/2019 -- 21:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 21:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 21:00:04 - <Notice> - Stats for 'eno4': pkts: 510306727, drop: 124861505 (24.47%), invalid chksum: 0
|
|
30/11/2019 -- 21:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 21:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 21:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 21:00:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 21:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 21:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 21:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 21:00:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 21:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 21:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 21:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 21:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 21:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 21:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 21:30:02 - <Info> - time elapsed 1773.844s
|
|
30/11/2019 -- 21:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 21:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 21:30:05 - <Notice> - Stats for 'eno4': pkts: 523024606, drop: 150304926 (28.74%), invalid chksum: 0
|
|
30/11/2019 -- 21:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 21:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 21:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 21:30:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 21:30:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 21:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 21:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 21:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 22:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 22:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 22:00:02 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 22:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 22:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 22:00:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 22:00:03 - <Info> - time elapsed 1774.147s
|
|
30/11/2019 -- 22:00:05 - <Info> - Alerts: 0
|
|
30/11/2019 -- 22:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 22:00:05 - <Notice> - Stats for 'eno4': pkts: 515971070, drop: 138409082 (26.82%), invalid chksum: 0
|
|
30/11/2019 -- 22:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 22:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 22:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 22:00:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 22:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 22:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 22:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 22:00:30 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 22:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 22:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 22:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 22:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 22:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 22:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 22:30:02 - <Info> - time elapsed 1772.754s
|
|
30/11/2019 -- 22:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 22:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 22:30:04 - <Notice> - Stats for 'eno4': pkts: 526111097, drop: 164283366 (31.23%), invalid chksum: 0
|
|
30/11/2019 -- 22:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 22:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 22:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 22:30:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 22:30:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 22:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 22:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 22:30:29 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 23:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 23:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 23:00:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 23:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 23:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 23:00:02 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 23:00:02 - <Info> - time elapsed 1773.952s
|
|
30/11/2019 -- 23:00:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 23:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 23:00:05 - <Notice> - Stats for 'eno4': pkts: 528276591, drop: 134470470 (25.45%), invalid chksum: 0
|
|
30/11/2019 -- 23:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 23:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 23:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 23:00:29 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 23:00:29 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 23:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 23:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 23:00:30 - <Info> - All AFP capture threads are running.
|
|
30/11/2019 -- 23:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
30/11/2019 -- 23:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
30/11/2019 -- 23:30:01 - <Info> - CPUs/cores online: 12
|
|
30/11/2019 -- 23:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
30/11/2019 -- 23:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
30/11/2019 -- 23:30:01 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 23:30:02 - <Info> - time elapsed 1772.471s
|
|
30/11/2019 -- 23:30:04 - <Info> - Alerts: 0
|
|
30/11/2019 -- 23:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
30/11/2019 -- 23:30:04 - <Notice> - Stats for 'eno4': pkts: 629615100, drop: 206496047 (32.80%), invalid chksum: 0
|
|
30/11/2019 -- 23:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
30/11/2019 -- 23:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
30/11/2019 -- 23:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
30/11/2019 -- 23:30:28 - <Info> - Going to use 12 thread(s)
|
|
30/11/2019 -- 23:30:28 - <Info> - Running in live mode, activating unix socket
|
|
30/11/2019 -- 23:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
30/11/2019 -- 23:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
30/11/2019 -- 23:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 00:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 00:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 00:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 00:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 00:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 00:00:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 00:00:02 - <Info> - time elapsed 1773.962s
|
|
1/12/2019 -- 00:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 00:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 00:00:04 - <Notice> - Stats for 'eno4': pkts: 539631890, drop: 144038549 (26.69%), invalid chksum: 0
|
|
1/12/2019 -- 00:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 00:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 00:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 00:00:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 00:00:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 00:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 00:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 00:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 00:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 00:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 00:30:02 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 00:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 00:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 00:30:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 00:30:02 - <Info> - time elapsed 1773.598s
|
|
1/12/2019 -- 00:30:05 - <Info> - Alerts: 0
|
|
1/12/2019 -- 00:30:06 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 00:30:06 - <Notice> - Stats for 'eno4': pkts: 539188618, drop: 135520176 (25.13%), invalid chksum: 0
|
|
1/12/2019 -- 00:30:11 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 00:30:11 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 00:30:11 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 00:30:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 00:30:30 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 00:30:30 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 00:30:30 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 00:30:30 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 01:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 01:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 01:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 01:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 01:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 01:00:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 01:00:02 - <Info> - time elapsed 1772.158s
|
|
1/12/2019 -- 01:00:03 - <Info> - Alerts: 0
|
|
1/12/2019 -- 01:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 01:00:04 - <Notice> - Stats for 'eno4': pkts: 505713372, drop: 117497428 (23.23%), invalid chksum: 0
|
|
1/12/2019 -- 01:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 01:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 01:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 01:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 01:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 01:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 01:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 01:00:28 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 01:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 01:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 01:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 01:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 01:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 01:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 01:30:02 - <Info> - time elapsed 1774.229s
|
|
1/12/2019 -- 01:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 01:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 01:30:05 - <Notice> - Stats for 'eno4': pkts: 575913963, drop: 148911597 (25.86%), invalid chksum: 0
|
|
1/12/2019 -- 01:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 01:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 01:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 01:30:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 01:30:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 01:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 01:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 01:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 02:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 02:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 02:00:02 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 02:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 02:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 02:00:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 02:00:02 - <Info> - time elapsed 1773.836s
|
|
1/12/2019 -- 02:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 02:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 02:00:05 - <Notice> - Stats for 'eno4': pkts: 584259043, drop: 147332964 (25.22%), invalid chksum: 0
|
|
1/12/2019 -- 02:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 02:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 02:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 02:00:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 02:00:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 02:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 02:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 02:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 02:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 02:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 02:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 02:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 02:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 02:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 02:30:02 - <Info> - time elapsed 1772.957s
|
|
1/12/2019 -- 02:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 02:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 02:30:04 - <Notice> - Stats for 'eno4': pkts: 568739284, drop: 145440257 (25.57%), invalid chksum: 1
|
|
1/12/2019 -- 02:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 02:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 02:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 02:30:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 02:30:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 02:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 02:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 02:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 03:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 03:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 03:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 03:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 03:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 03:00:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 03:00:02 - <Info> - time elapsed 1773.884s
|
|
1/12/2019 -- 03:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 03:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 03:00:05 - <Notice> - Stats for 'eno4': pkts: 550176423, drop: 143576752 (26.10%), invalid chksum: 0
|
|
1/12/2019 -- 03:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 03:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 03:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 03:00:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 03:00:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 03:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 03:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 03:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 03:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 03:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 03:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 03:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 03:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 03:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 03:30:02 - <Info> - time elapsed 1773.365s
|
|
1/12/2019 -- 03:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 03:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 03:30:04 - <Notice> - Stats for 'eno4': pkts: 689478913, drop: 222700714 (32.30%), invalid chksum: 0
|
|
1/12/2019 -- 03:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 03:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 03:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 03:30:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 03:30:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 03:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 03:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 03:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 04:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 04:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 04:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 04:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 04:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 04:00:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 04:00:02 - <Info> - time elapsed 1773.583s
|
|
1/12/2019 -- 04:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 04:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 04:00:04 - <Notice> - Stats for 'eno4': pkts: 537601106, drop: 135825866 (25.27%), invalid chksum: 0
|
|
1/12/2019 -- 04:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 04:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 04:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 04:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 04:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 04:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 04:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 04:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 04:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 04:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 04:30:02 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 04:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 04:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 04:30:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 04:30:02 - <Info> - time elapsed 1774.077s
|
|
1/12/2019 -- 04:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 04:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 04:30:05 - <Notice> - Stats for 'eno4': pkts: 637056000, drop: 218578221 (34.31%), invalid chksum: 0
|
|
1/12/2019 -- 04:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 04:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 04:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 04:30:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 04:30:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 04:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 04:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 04:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 05:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 05:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 05:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 05:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 05:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 05:00:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 05:00:02 - <Info> - time elapsed 1772.780s
|
|
1/12/2019 -- 05:00:03 - <Info> - Alerts: 0
|
|
1/12/2019 -- 05:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 05:00:04 - <Notice> - Stats for 'eno4': pkts: 558797309, drop: 134659516 (24.10%), invalid chksum: 0
|
|
1/12/2019 -- 05:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 05:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 05:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 05:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 05:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 05:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 05:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 05:00:28 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 05:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 05:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 05:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 05:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 05:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 05:30:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 05:30:02 - <Info> - time elapsed 1774.126s
|
|
1/12/2019 -- 05:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 05:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 05:30:04 - <Notice> - Stats for 'eno4': pkts: 583686062, drop: 207317301 (35.52%), invalid chksum: 0
|
|
1/12/2019 -- 05:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 05:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 05:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 05:30:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 05:30:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 05:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 05:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 05:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 06:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 06:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 06:00:02 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 06:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 06:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 06:00:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 06:00:03 - <Info> - time elapsed 1774.520s
|
|
1/12/2019 -- 06:00:05 - <Info> - Alerts: 0
|
|
1/12/2019 -- 06:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 06:00:05 - <Notice> - Stats for 'eno4': pkts: 550140145, drop: 149669838 (27.21%), invalid chksum: 0
|
|
1/12/2019 -- 06:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 06:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 06:00:11 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 06:00:30 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 06:00:30 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 06:00:30 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 06:00:30 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 06:00:30 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 06:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 06:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 06:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 06:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 06:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 06:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 06:30:02 - <Info> - time elapsed 1772.747s
|
|
1/12/2019 -- 06:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 06:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 06:30:05 - <Notice> - Stats for 'eno4': pkts: 609022056, drop: 148429480 (24.37%), invalid chksum: 0
|
|
1/12/2019 -- 06:30:11 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 06:30:12 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 06:30:12 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 06:30:32 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 06:30:32 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 06:30:32 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 06:30:32 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 06:30:32 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 07:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 07:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 07:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 07:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 07:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 07:00:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 07:00:02 - <Info> - time elapsed 1769.873s
|
|
1/12/2019 -- 07:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 07:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 07:00:05 - <Notice> - Stats for 'eno4': pkts: 577239402, drop: 184376843 (31.94%), invalid chksum: 0
|
|
1/12/2019 -- 07:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 07:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 07:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 07:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 07:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 07:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 07:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 07:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 07:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 07:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 07:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 07:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 07:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 07:30:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 07:30:02 - <Info> - time elapsed 1774.156s
|
|
1/12/2019 -- 07:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 07:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 07:30:05 - <Notice> - Stats for 'eno4': pkts: 573973318, drop: 150447377 (26.21%), invalid chksum: 0
|
|
1/12/2019 -- 07:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 07:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 07:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 07:30:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 07:30:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 07:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 07:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 07:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 08:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 08:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 08:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 08:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 08:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 08:00:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 08:00:01 - <Info> - time elapsed 1772.867s
|
|
1/12/2019 -- 08:00:03 - <Info> - Alerts: 0
|
|
1/12/2019 -- 08:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 08:00:04 - <Notice> - Stats for 'eno4': pkts: 619184684, drop: 206062325 (33.28%), invalid chksum: 0
|
|
1/12/2019 -- 08:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 08:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 08:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 08:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 08:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 08:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 08:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 08:00:28 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 08:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 08:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 08:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 08:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 08:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 08:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 08:30:02 - <Info> - time elapsed 1774.287s
|
|
1/12/2019 -- 08:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 08:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 08:30:05 - <Notice> - Stats for 'eno4': pkts: 605330229, drop: 148946099 (24.61%), invalid chksum: 0
|
|
1/12/2019 -- 08:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 08:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 08:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 08:30:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 08:30:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 08:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 08:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 08:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 09:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 09:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 09:00:02 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 09:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 09:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 09:00:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 09:00:02 - <Info> - time elapsed 1774.166s
|
|
1/12/2019 -- 09:00:05 - <Info> - Alerts: 0
|
|
1/12/2019 -- 09:00:06 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 09:00:06 - <Notice> - Stats for 'eno4': pkts: 606756646, drop: 153305703 (25.27%), invalid chksum: 0
|
|
1/12/2019 -- 09:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 09:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 09:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 09:00:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 09:00:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 09:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 09:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 09:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 09:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 09:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 09:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 09:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 09:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 09:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 09:30:02 - <Info> - time elapsed 1772.828s
|
|
1/12/2019 -- 09:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 09:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 09:30:04 - <Notice> - Stats for 'eno4': pkts: 643501026, drop: 170016732 (26.42%), invalid chksum: 0
|
|
1/12/2019 -- 09:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 09:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 09:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 09:30:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 09:30:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 09:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 09:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 09:30:28 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 10:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 10:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 10:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 10:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 10:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 10:00:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 10:00:02 - <Info> - time elapsed 1773.814s
|
|
1/12/2019 -- 10:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 10:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 10:00:04 - <Notice> - Stats for 'eno4': pkts: 632890254, drop: 171082304 (27.03%), invalid chksum: 0
|
|
1/12/2019 -- 10:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 10:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 10:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 10:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 10:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 10:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 10:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 10:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 10:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 10:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 10:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 10:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 10:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 10:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 10:30:01 - <Info> - time elapsed 1773.170s
|
|
1/12/2019 -- 10:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 10:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 10:30:04 - <Notice> - Stats for 'eno4': pkts: 618637753, drop: 147839443 (23.90%), invalid chksum: 0
|
|
1/12/2019 -- 10:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 10:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 10:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 10:30:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 10:30:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 10:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 10:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 10:30:28 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 11:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 11:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 11:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 11:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 11:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 11:00:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 11:00:02 - <Info> - time elapsed 1773.929s
|
|
1/12/2019 -- 11:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 11:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 11:00:04 - <Notice> - Stats for 'eno4': pkts: 570426636, drop: 135272020 (23.71%), invalid chksum: 0
|
|
1/12/2019 -- 11:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 11:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 11:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 11:00:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 11:00:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 11:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 11:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 11:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 11:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 11:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 11:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 11:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 11:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 11:30:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 11:30:02 - <Info> - time elapsed 1773.705s
|
|
1/12/2019 -- 11:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 11:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 11:30:05 - <Notice> - Stats for 'eno4': pkts: 606512561, drop: 190878720 (31.47%), invalid chksum: 0
|
|
1/12/2019 -- 11:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 11:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 11:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 11:30:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 11:30:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 11:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 11:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 11:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 12:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 12:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 12:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 12:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 12:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 12:00:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 12:00:02 - <Info> - time elapsed 1772.865s
|
|
1/12/2019 -- 12:00:03 - <Info> - Alerts: 0
|
|
1/12/2019 -- 12:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 12:00:04 - <Notice> - Stats for 'eno4': pkts: 588466445, drop: 153593239 (26.10%), invalid chksum: 0
|
|
1/12/2019 -- 12:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 12:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 12:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 12:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 12:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 12:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 12:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 12:00:28 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 12:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 12:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 12:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 12:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 12:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 12:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 12:30:02 - <Info> - time elapsed 1774.003s
|
|
1/12/2019 -- 12:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 12:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 12:30:04 - <Notice> - Stats for 'eno4': pkts: 611855298, drop: 178698360 (29.21%), invalid chksum: 0
|
|
1/12/2019 -- 12:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 12:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 12:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 12:30:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 12:30:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 12:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 12:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 12:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 13:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 13:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 13:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 13:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 13:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 13:00:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 13:00:02 - <Info> - time elapsed 1773.889s
|
|
1/12/2019 -- 13:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 13:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 13:00:04 - <Notice> - Stats for 'eno4': pkts: 581673235, drop: 203143090 (34.92%), invalid chksum: 0
|
|
1/12/2019 -- 13:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 13:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 13:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 13:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 13:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 13:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 13:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 13:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 13:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 13:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 13:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 13:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 13:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 13:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 13:30:01 - <Info> - time elapsed 1773.188s
|
|
1/12/2019 -- 13:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 13:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 13:30:05 - <Notice> - Stats for 'eno4': pkts: 628167122, drop: 167997999 (26.74%), invalid chksum: 1
|
|
1/12/2019 -- 13:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 13:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 13:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 13:30:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 13:30:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 13:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 13:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 13:30:28 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 14:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 14:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 14:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 14:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 14:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 14:00:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 14:00:02 - <Info> - time elapsed 1774.143s
|
|
1/12/2019 -- 14:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 14:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 14:00:04 - <Notice> - Stats for 'eno4': pkts: 580836087, drop: 173163248 (29.81%), invalid chksum: 0
|
|
1/12/2019 -- 14:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 14:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 14:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 14:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 14:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 14:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 14:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 14:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 14:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 14:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 14:30:02 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 14:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 14:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 14:30:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 14:30:02 - <Info> - time elapsed 1774.326s
|
|
1/12/2019 -- 14:30:05 - <Info> - Alerts: 0
|
|
1/12/2019 -- 14:30:06 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 14:30:06 - <Notice> - Stats for 'eno4': pkts: 568014851, drop: 147272204 (25.93%), invalid chksum: 0
|
|
1/12/2019 -- 14:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 14:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 14:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 14:30:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 14:30:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 14:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 14:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 14:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 15:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 15:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 15:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 15:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 15:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 15:00:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 15:00:02 - <Info> - time elapsed 1773.038s
|
|
1/12/2019 -- 15:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 15:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 15:00:04 - <Notice> - Stats for 'eno4': pkts: 590771954, drop: 161300565 (27.30%), invalid chksum: 0
|
|
1/12/2019 -- 15:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 15:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 15:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 15:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 15:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 15:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 15:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 15:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 15:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 15:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 15:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 15:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 15:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 15:30:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 15:30:02 - <Info> - time elapsed 1773.860s
|
|
1/12/2019 -- 15:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 15:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 15:30:04 - <Notice> - Stats for 'eno4': pkts: 562910125, drop: 147143181 (26.14%), invalid chksum: 0
|
|
1/12/2019 -- 15:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 15:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 15:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 15:30:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 15:30:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 15:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 15:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 15:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 16:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 16:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 16:00:02 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 16:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 16:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 16:00:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 16:00:03 - <Info> - time elapsed 1774.490s
|
|
1/12/2019 -- 16:00:05 - <Info> - Alerts: 0
|
|
1/12/2019 -- 16:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 16:00:05 - <Notice> - Stats for 'eno4': pkts: 543543083, drop: 168791597 (31.05%), invalid chksum: 1
|
|
1/12/2019 -- 16:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 16:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 16:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 16:00:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 16:00:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 16:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 16:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 16:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 16:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 16:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 16:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 16:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 16:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 16:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 16:30:02 - <Info> - time elapsed 1773.138s
|
|
1/12/2019 -- 16:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 16:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 16:30:04 - <Notice> - Stats for 'eno4': pkts: 573770929, drop: 159715517 (27.84%), invalid chksum: 0
|
|
1/12/2019 -- 16:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 16:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 16:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 16:30:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 16:30:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 16:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 16:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 16:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 17:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 17:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 17:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 17:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 17:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 17:00:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 17:00:02 - <Info> - time elapsed 1773.059s
|
|
1/12/2019 -- 17:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 17:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 17:00:04 - <Notice> - Stats for 'eno4': pkts: 524926696, drop: 142089161 (27.07%), invalid chksum: 0
|
|
1/12/2019 -- 17:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 17:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 17:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 17:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 17:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 17:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 17:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 17:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 17:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 17:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 17:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 17:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 17:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 17:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 17:30:02 - <Info> - time elapsed 1773.258s
|
|
1/12/2019 -- 17:30:03 - <Info> - Alerts: 0
|
|
1/12/2019 -- 17:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 17:30:04 - <Notice> - Stats for 'eno4': pkts: 557830552, drop: 183198229 (32.84%), invalid chksum: 0
|
|
1/12/2019 -- 17:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 17:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 17:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 17:30:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 17:30:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 17:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 17:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 17:30:28 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 18:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 18:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 18:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 18:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 18:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 18:00:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 18:00:02 - <Info> - time elapsed 1774.147s
|
|
1/12/2019 -- 18:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 18:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 18:00:04 - <Notice> - Stats for 'eno4': pkts: 542622064, drop: 153336177 (28.26%), invalid chksum: 1
|
|
1/12/2019 -- 18:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 18:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 18:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 18:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 18:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 18:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 18:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 18:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 18:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 18:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 18:30:02 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 18:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 18:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 18:30:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 18:30:02 - <Info> - time elapsed 1774.084s
|
|
1/12/2019 -- 18:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 18:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 18:30:05 - <Notice> - Stats for 'eno4': pkts: 594376885, drop: 157352124 (26.47%), invalid chksum: 0
|
|
1/12/2019 -- 18:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 18:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 18:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 18:30:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 18:30:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 18:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 18:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 18:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 19:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 19:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 19:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 19:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 19:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 19:00:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 19:00:02 - <Info> - time elapsed 1773.167s
|
|
1/12/2019 -- 19:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 19:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 19:00:04 - <Notice> - Stats for 'eno4': pkts: 518967640, drop: 131810851 (25.40%), invalid chksum: 0
|
|
1/12/2019 -- 19:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 19:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 19:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 19:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 19:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 19:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 19:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 19:00:28 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 19:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 19:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 19:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 19:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 19:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 19:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 19:30:02 - <Info> - time elapsed 1774.032s
|
|
1/12/2019 -- 19:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 19:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 19:30:04 - <Notice> - Stats for 'eno4': pkts: 590570958, drop: 151786158 (25.70%), invalid chksum: 0
|
|
1/12/2019 -- 19:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 19:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 19:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 19:30:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 19:30:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 19:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 19:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 19:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 20:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 20:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 20:00:02 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 20:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 20:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 20:00:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 20:00:03 - <Info> - time elapsed 1774.438s
|
|
1/12/2019 -- 20:00:07 - <Info> - Alerts: 0
|
|
1/12/2019 -- 20:00:08 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 20:00:08 - <Notice> - Stats for 'eno4': pkts: 596472876, drop: 170339358 (28.56%), invalid chksum: 0
|
|
1/12/2019 -- 20:00:11 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 20:00:11 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 20:00:11 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 20:00:30 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 20:00:30 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 20:00:30 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 20:00:30 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 20:00:30 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 20:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 20:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 20:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 20:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 20:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 20:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 20:30:02 - <Info> - time elapsed 1772.146s
|
|
1/12/2019 -- 20:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 20:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 20:30:05 - <Notice> - Stats for 'eno4': pkts: 616973698, drop: 170259685 (27.60%), invalid chksum: 0
|
|
1/12/2019 -- 20:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 20:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 20:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 20:30:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 20:30:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 20:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 20:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 20:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 21:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 21:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 21:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 21:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 21:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 21:00:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 21:00:03 - <Info> - time elapsed 1774.345s
|
|
1/12/2019 -- 21:00:06 - <Info> - Alerts: 0
|
|
1/12/2019 -- 21:00:07 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 21:00:07 - <Notice> - Stats for 'eno4': pkts: 581675357, drop: 178983567 (30.77%), invalid chksum: 0
|
|
1/12/2019 -- 21:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 21:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 21:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 21:00:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 21:00:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 21:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 21:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 21:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 21:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 21:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 21:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 21:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 21:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 21:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 21:30:02 - <Info> - time elapsed 1772.894s
|
|
1/12/2019 -- 21:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 21:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 21:30:04 - <Notice> - Stats for 'eno4': pkts: 596341617, drop: 171734479 (28.80%), invalid chksum: 0
|
|
1/12/2019 -- 21:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 21:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 21:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 21:30:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 21:30:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 21:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 21:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 21:30:28 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 22:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 22:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 22:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 22:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 22:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 22:00:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 22:00:02 - <Info> - time elapsed 1774.298s
|
|
1/12/2019 -- 22:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 22:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 22:00:04 - <Notice> - Stats for 'eno4': pkts: 618658544, drop: 178330367 (28.83%), invalid chksum: 0
|
|
1/12/2019 -- 22:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 22:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 22:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 22:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 22:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 22:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 22:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 22:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 22:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 22:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 22:30:02 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 22:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 22:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 22:30:02 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 22:30:02 - <Info> - time elapsed 1773.923s
|
|
1/12/2019 -- 22:30:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 22:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 22:30:04 - <Notice> - Stats for 'eno4': pkts: 610469261, drop: 172880144 (28.32%), invalid chksum: 0
|
|
1/12/2019 -- 22:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 22:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 22:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 22:30:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 22:30:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 22:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 22:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 22:30:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 23:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 23:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 23:00:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 23:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 23:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 23:00:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 23:00:01 - <Info> - time elapsed 1772.582s
|
|
1/12/2019 -- 23:00:04 - <Info> - Alerts: 0
|
|
1/12/2019 -- 23:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 23:00:04 - <Notice> - Stats for 'eno4': pkts: 592542895, drop: 159628479 (26.94%), invalid chksum: 0
|
|
1/12/2019 -- 23:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 23:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 23:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 23:00:28 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 23:00:28 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 23:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 23:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 23:00:29 - <Info> - All AFP capture threads are running.
|
|
1/12/2019 -- 23:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
1/12/2019 -- 23:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
1/12/2019 -- 23:30:01 - <Info> - CPUs/cores online: 12
|
|
1/12/2019 -- 23:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
1/12/2019 -- 23:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
1/12/2019 -- 23:30:01 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 23:30:02 - <Info> - time elapsed 1774.044s
|
|
1/12/2019 -- 23:30:05 - <Info> - Alerts: 0
|
|
1/12/2019 -- 23:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
1/12/2019 -- 23:30:05 - <Notice> - Stats for 'eno4': pkts: 624581311, drop: 165062680 (26.43%), invalid chksum: 0
|
|
1/12/2019 -- 23:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
1/12/2019 -- 23:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
1/12/2019 -- 23:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
1/12/2019 -- 23:30:29 - <Info> - Going to use 12 thread(s)
|
|
1/12/2019 -- 23:30:29 - <Info> - Running in live mode, activating unix socket
|
|
1/12/2019 -- 23:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
1/12/2019 -- 23:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
1/12/2019 -- 23:30:29 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 00:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 00:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 00:00:02 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 00:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 00:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 00:00:02 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 00:00:03 - <Info> - time elapsed 1773.992s
|
|
2/12/2019 -- 00:00:05 - <Info> - Alerts: 0
|
|
2/12/2019 -- 00:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 00:00:05 - <Notice> - Stats for 'eno4': pkts: 591150776, drop: 162533655 (27.49%), invalid chksum: 0
|
|
2/12/2019 -- 00:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 00:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 00:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 00:00:29 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 00:00:29 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 00:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 00:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 00:00:29 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 00:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 00:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 00:30:01 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 00:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 00:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 00:30:01 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 00:30:01 - <Info> - time elapsed 1772.811s
|
|
2/12/2019 -- 00:30:03 - <Info> - Alerts: 0
|
|
2/12/2019 -- 00:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 00:30:04 - <Notice> - Stats for 'eno4': pkts: 500351428, drop: 127288361 (25.44%), invalid chksum: 0
|
|
2/12/2019 -- 00:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 00:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 00:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 00:30:29 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 00:30:29 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 00:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 00:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 00:30:29 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 01:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 01:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 01:00:01 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 01:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 01:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 01:00:02 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 01:00:02 - <Info> - time elapsed 1773.463s
|
|
2/12/2019 -- 01:00:04 - <Info> - Alerts: 0
|
|
2/12/2019 -- 01:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 01:00:05 - <Notice> - Stats for 'eno4': pkts: 496685762, drop: 129032401 (25.98%), invalid chksum: 0
|
|
2/12/2019 -- 01:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 01:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 01:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 01:00:28 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 01:00:29 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 01:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 01:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 01:00:29 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 01:30:02 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 01:30:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 01:30:02 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 01:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 01:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 01:30:02 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 01:30:03 - <Info> - time elapsed 1774.437s
|
|
2/12/2019 -- 01:30:05 - <Info> - Alerts: 0
|
|
2/12/2019 -- 01:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 01:30:05 - <Notice> - Stats for 'eno4': pkts: 579506952, drop: 164888806 (28.45%), invalid chksum: 0
|
|
2/12/2019 -- 01:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 01:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 01:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 01:30:29 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 01:30:29 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 01:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 01:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 01:30:29 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 02:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 02:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 02:00:01 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 02:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 02:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 02:00:01 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 02:00:02 - <Info> - time elapsed 1773.429s
|
|
2/12/2019 -- 02:00:04 - <Info> - Alerts: 0
|
|
2/12/2019 -- 02:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 02:00:04 - <Notice> - Stats for 'eno4': pkts: 548739183, drop: 156429053 (28.51%), invalid chksum: 0
|
|
2/12/2019 -- 02:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 02:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 02:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 02:00:28 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 02:00:28 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 02:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 02:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 02:00:29 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 02:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 02:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 02:30:01 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 02:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 02:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 02:30:02 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 02:30:02 - <Info> - time elapsed 1774.072s
|
|
2/12/2019 -- 02:30:04 - <Info> - Alerts: 0
|
|
2/12/2019 -- 02:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 02:30:05 - <Notice> - Stats for 'eno4': pkts: 510330670, drop: 129588374 (25.39%), invalid chksum: 0
|
|
2/12/2019 -- 02:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 02:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 02:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 02:30:29 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 02:30:29 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 02:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 02:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 02:30:29 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 03:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 03:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 03:00:01 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 03:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 03:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 03:00:01 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 03:00:02 - <Info> - time elapsed 1772.861s
|
|
2/12/2019 -- 03:00:04 - <Info> - Alerts: 0
|
|
2/12/2019 -- 03:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 03:00:04 - <Notice> - Stats for 'eno4': pkts: 617754081, drop: 173437657 (28.08%), invalid chksum: 0
|
|
2/12/2019 -- 03:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 03:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 03:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 03:00:28 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 03:00:28 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 03:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 03:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 03:00:29 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 03:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 03:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 03:30:01 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 03:30:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 03:30:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 03:30:02 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 03:30:02 - <Info> - time elapsed 1774.206s
|
|
2/12/2019 -- 03:30:04 - <Info> - Alerts: 0
|
|
2/12/2019 -- 03:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 03:30:05 - <Notice> - Stats for 'eno4': pkts: 698669737, drop: 239965109 (34.35%), invalid chksum: 0
|
|
2/12/2019 -- 03:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 03:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 03:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 03:30:28 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 03:30:28 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 03:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 03:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 03:30:29 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 04:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 04:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 04:00:02 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 04:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 04:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 04:00:02 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 04:00:03 - <Info> - time elapsed 1774.596s
|
|
2/12/2019 -- 04:00:05 - <Info> - Alerts: 0
|
|
2/12/2019 -- 04:00:06 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 04:00:06 - <Notice> - Stats for 'eno4': pkts: 579733446, drop: 177759985 (30.66%), invalid chksum: 0
|
|
2/12/2019 -- 04:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 04:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 04:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 04:00:29 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 04:00:29 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 04:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 04:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 04:00:29 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 04:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 04:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 04:30:01 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 04:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 04:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 04:30:01 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 04:30:02 - <Info> - time elapsed 1773.367s
|
|
2/12/2019 -- 04:30:05 - <Info> - Alerts: 0
|
|
2/12/2019 -- 04:30:05 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 04:30:05 - <Notice> - Stats for 'eno4': pkts: 610693248, drop: 172893011 (28.31%), invalid chksum: 0
|
|
2/12/2019 -- 04:30:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 04:30:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 04:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 04:30:29 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 04:30:29 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 04:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 04:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 04:30:29 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 05:00:02 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 05:00:02 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 05:00:02 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 05:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 05:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 05:00:02 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 05:00:02 - <Info> - time elapsed 1773.776s
|
|
2/12/2019 -- 05:00:04 - <Info> - Alerts: 0
|
|
2/12/2019 -- 05:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 05:00:05 - <Notice> - Stats for 'eno4': pkts: 500708438, drop: 126780497 (25.32%), invalid chksum: 0
|
|
2/12/2019 -- 05:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 05:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 05:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 05:00:29 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 05:00:29 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 05:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 05:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 05:00:29 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 05:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 05:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 05:30:01 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 05:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 05:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 05:30:01 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 05:30:02 - <Info> - time elapsed 1773.056s
|
|
2/12/2019 -- 05:30:04 - <Info> - Alerts: 0
|
|
2/12/2019 -- 05:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 05:30:04 - <Notice> - Stats for 'eno4': pkts: 510908896, drop: 124636419 (24.40%), invalid chksum: 0
|
|
2/12/2019 -- 05:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 05:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 05:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 05:30:28 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 05:30:28 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 05:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 05:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 05:30:28 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 06:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 06:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 06:00:01 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 06:00:02 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 06:00:02 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 06:00:02 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 06:00:02 - <Info> - time elapsed 1774.141s
|
|
2/12/2019 -- 06:00:04 - <Info> - Alerts: 0
|
|
2/12/2019 -- 06:00:05 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 06:00:05 - <Notice> - Stats for 'eno4': pkts: 506922028, drop: 137409638 (27.11%), invalid chksum: 0
|
|
2/12/2019 -- 06:00:10 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 06:00:10 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 06:00:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 06:00:29 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 06:00:29 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 06:00:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 06:00:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 06:00:29 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 06:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 06:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 06:30:01 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 06:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 06:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 06:30:01 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 06:30:02 - <Info> - time elapsed 1773.012s
|
|
2/12/2019 -- 06:30:04 - <Info> - Alerts: 0
|
|
2/12/2019 -- 06:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 06:30:04 - <Notice> - Stats for 'eno4': pkts: 559738382, drop: 155460647 (27.77%), invalid chksum: 0
|
|
2/12/2019 -- 06:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 06:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 06:30:10 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 06:30:29 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 06:30:29 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 06:30:29 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 06:30:29 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 06:30:30 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 07:00:01 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 07:00:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 07:00:01 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 07:00:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 07:00:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 07:00:01 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 07:00:02 - <Info> - time elapsed 1772.397s
|
|
2/12/2019 -- 07:00:04 - <Info> - Alerts: 0
|
|
2/12/2019 -- 07:00:04 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 07:00:04 - <Notice> - Stats for 'eno4': pkts: 529018963, drop: 205703098 (38.88%), invalid chksum: 0
|
|
2/12/2019 -- 07:00:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 07:00:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 07:00:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 07:00:28 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 07:00:28 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 07:00:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 07:00:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 07:00:28 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 07:30:01 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 07:30:01 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 07:30:01 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 07:30:01 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 07:30:01 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 07:30:01 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 07:30:01 - <Info> - time elapsed 1773.645s
|
|
2/12/2019 -- 07:30:03 - <Info> - Alerts: 0
|
|
2/12/2019 -- 07:30:04 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 07:30:04 - <Notice> - Stats for 'eno4': pkts: 575519414, drop: 153066940 (26.60%), invalid chksum: 0
|
|
2/12/2019 -- 07:30:09 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 07:30:09 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 07:30:09 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 07:30:28 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 07:30:28 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 07:30:28 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 07:30:28 - <Notice> - all 12 packet processing threads, 2 management threads initialized, engine started.
|
|
2/12/2019 -- 07:30:29 - <Info> - All AFP capture threads are running.
|
|
2/12/2019 -- 07:54:57 - <Notice> - Signal Received. Stopping engine.
|
|
2/12/2019 -- 07:54:57 - <Notice> - This is Suricata version 5.0.0 RELEASE running in SYSTEM mode
|
|
2/12/2019 -- 07:54:57 - <Info> - CPUs/cores online: 12
|
|
2/12/2019 -- 07:54:57 - <Info> - eve-log output device (regular) initialized: eve.json
|
|
2/12/2019 -- 07:54:57 - <Info> - stats output device (regular) initialized: stats.log
|
|
2/12/2019 -- 07:54:57 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 07:54:57 - <Info> - time elapsed 1469.344s
|
|
2/12/2019 -- 07:54:59 - <Info> - Alerts: 0
|
|
2/12/2019 -- 07:55:00 - <Info> - cleaning up signature grouping structure... complete
|
|
2/12/2019 -- 07:55:00 - <Notice> - Stats for 'eno4': pkts: 482648522, drop: 142561635 (29.54%), invalid chksum: 1
|
|
2/12/2019 -- 07:55:05 - <Info> - 1 rule files processed. 23715 rules successfully loaded, 0 rules failed
|
|
2/12/2019 -- 07:55:05 - <Info> - Threshold config parsed: 0 rule(s) found
|
|
2/12/2019 -- 07:55:05 - <Info> - 23719 signatures processed. 1066 are IP-only rules, 5099 are inspecting packet payload, 17458 inspect application layer, 0 are decoder event only
|
|
2/12/2019 -- 07:55:24 - <Info> - Going to use 12 thread(s)
|
|
2/12/2019 -- 07:55:24 - <Info> - Running in live mode, activating unix socket
|
|
2/12/2019 -- 07:55:24 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
2/12/2019 -- 07:55:24 - <Notice> - all 12 packet processing threads, 4 management threads initialized, engine started.
|
|
2/12/2019 -- 07:55:25 - <Info> - All AFP capture threads are running.
|