Actions
Bug #2008
closedSuricata 3.2, pcap-log no longer works due to timestamp_pattern PCRE
Affected Versions:
Effort:
Difficulty:
Label:
Description
On CentOS 6.8 with PCRE 7.8 I upgraded from Suricata 3.1-dev to 3.2 and now I cannot start in with pcap-log enabled. I get "Fail to study pcre".
It looks like the PCRE for timestamp_pattern was introduced in https://github.com/inliniac/suricata/commit/bbb93e487e6a4c206b158335128f108c8b08f909#diff-4748a24c4840feb50eb23119ad553bc7
Actions