https://redmine.openinfosecfoundation.org/https://redmine.openinfosecfoundation.org/favicon.ico?17011170022019-05-23T21:50:40ZOpen Information Security FoundationSuricata - Bug #2680: eve output filetype:unix_dgram does not start a sockethttps://redmine.openinfosecfoundation.org/issues/2680?journal_id=121632019-05-23T21:50:40ZAndreas Herzoisf@herzandreas.de
<ul><li><strong>Assignee</strong> set to <i>OISF Dev</i></li><li><strong>Target version</strong> set to <i>TBD</i></li></ul> Suricata - Bug #2680: eve output filetype:unix_dgram does not start a sockethttps://redmine.openinfosecfoundation.org/issues/2680?journal_id=123932019-06-03T08:59:56ZAndreas Herzoisf@herzandreas.de
<ul></ul><p>I can confirm this but I don't think this is a bigger issue as it will keep trying and did succeed.</p>
<pre>
13/11/2018 -- 21:14:10 - <Warning> - [ERRCODE: SC_ERR_SOCKET(200)] - Error connecting to socket "/home/user/suricata_eve.socket": No such file or directory (will keep trying)
13/11/2018 -- 21:14:10 - <Info> - eve-log output device (unix_stream) initialized: /home/user/suricata_eve.socket
</pre>
<p>I also see similiar outputs:<br /><pre>
3/6/2019 -- 07:39:44 - <Warning> - [ERRCODE: SC_ERR_SOCKET(200)] - Error connecting to socket "/tmp/stats.sock": No such file or directory (will keep trying)
3/6/2019 -- 07:40:26 - <Notice> - Reconnected socket "/tmp/stats.sock"
</pre></p>
<p>Do you have any cases where the retry doesn't work?</p> Suricata - Bug #2680: eve output filetype:unix_dgram does not start a sockethttps://redmine.openinfosecfoundation.org/issues/2680?journal_id=131812019-07-29T20:36:12ZAndreas Herzoisf@herzandreas.de
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Feedback</i></li></ul> Suricata - Bug #2680: eve output filetype:unix_dgram does not start a sockethttps://redmine.openinfosecfoundation.org/issues/2680?journal_id=222122022-02-05T22:39:40ZAndreas Herzoisf@herzandreas.de
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Closed</i></li></ul><p>Hi, we're closing this issue since there have been no further responses. <br />If you think this issue is still relevant, try to test it again with the <br />most recent version of suricata and reopen the issue. If you want to <br />improve the bug report please take a look at <br /><a class="external" href="https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs">https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs</a></p>