Project

General

Profile

Actions
Copy link

Support #2990

closed
AP AP

files-json.log is empty

Support #2990: files-json.log is empty

Added by Anh Pham almost 7 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Anh Pham
Affected Versions:
4.1.1
Label:

Description

I use suricata 4.0.4 and in suricata.yaml, i edited fast.log and files-json.log to enabled:yes - append:yes. But when I cat fast.log and files-json.log, files-json.log is empty.

AP Updated by Anh Pham almost 7 years ago Actions
Copy link
 #1

I use suricata 4.0.4 and in suricata.yaml, i edited fast.log and files-json.log to enabled:yes - append:yes. But when I cat fast.log and files-json.log, files-json.log is empty.

Is there any way to solve this problem? Thank you very much.

VJ Updated by Victor Julien almost 7 years ago Actions
Copy link
 #2

  • Tracker changed from Bug to Support

PM Updated by Peter Manev almost 7 years ago Actions
Copy link
 #3

I would recommend using latest stable Suricata - 4.1.4 and eve.json (instead of fast.log and files log as these are legacy).
After it is up and running , check if Suricata starts properly , if there are no errors , if you have defined your networks correctly.

AH Updated by Andreas Herz almost 7 years ago Actions
Copy link
 #4

  • Status changed from New to Feedback
  • Assignee set to Anh Pham
  • Target version set to Support

Can you also add the configuration file so we can check for any issues there?

VJ Updated by Victor Julien over 6 years ago Actions
Copy link
 #5

  • Status changed from Feedback to Closed
Actions
Copy link

Also available in: PDF Atom