logging: SC_LOG_OP_FILTER still displays some lines not matching filter
For example, SC_LOG_LEVEL=debug SC_LOG_OP_FILTER="suricata\.c" will still show some lines, in particular rule parse errors that don't appear to match the provided regular expression.
Updated by Philippe Antoine about 4 years ago
- Status changed from New to Closed
- Target version changed from TBD to 5.0rc1
This seems to be no longer the case with 5.0rc1
Without the filter, I get some logs like
 1/10/2019 -- 08:42:52 - (detect-parse.c:835) <Error> (SigParseProto) -- [ERRCODE: SC_ERR_UNKNOWN_PROTOCOL(124)]
With the filter, I no linger get them, and only get the filtered log messages such as
 1/10/2019 -- 08:43:22 - (suricata.c:2883) <Notice> (SuricataMainLoop) -- Signal Received. Stopping engine.