Support #4521

closed

What's wrong with my Suricata install?

Added by zhang xx almost 3 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Affected Versions:
Label:

Description

I installed Suricata and it is running well, but there have not been any alerts since my install.

suricata-config

```
[root@oracle7 suricata-6.0.2]# /opt/suricata/bin/suricata --build-info
This is Suricata version 6.0.2 RELEASE
Features: PCAP_SET_BUFF AF_PACKET HAVE_PACKET_FANOUT LIBCAP_NG LIBNET1.1 HAVE_HTP_URI_NORMALIZE_HOOK PCRE_JIT HAVE_NSS HAVE_LUA HAVE_LUAJIT HAVE_LIBJANSSON PROFILING TLS TLS_GNU RUST
SIMD support: SSE_4_2 SSE_4_1 SSE_3
Atomic intrinsics: 1 2 4 8 16 byte(s)
64-bits, Little-endian architecture
GCC version 4.8.5 20150623 (Red Hat 4.8.5-44.0.3), C version 199901
compiled with _FORTIFY_SOURCE=0
L1 cache line size (CLS)=64
thread local storage method: __thread
compiled with LibHTP v0.5.37, linked against LibHTP v0.5.37

Suricata Configuration:
AF_PACKET support: yes
eBPF support: no
XDP support: no
PF_RING support: no
NFQueue support: no
NFLOG support: no
IPFW support: no
Netmap support: no
DAG enabled: no
Napatech enabled: no
WinDivert enabled: no

Unix socket enabled:                     yes
Detection enabled: yes
Libmagic support:                        no
libnss support: yes
libnspr support: yes
libjansson support: yes
hiredis support: no
hiredis async with libevent: no
Prelude support: no
PCRE jit: yes
LUA support: yes, through luajit
libluajit: yes
GeoIP2 support: no
Non-bundled htp: no
Hyperscan support: yes
Libnet support: yes
liblz4 support: no
Rust support:                            yes
Rust strict mode: no
Rust compiler path: /root/.cargo/bin/rustc
Rust compiler version: rustc 1.52.1 (9bc8c42bb 2021-05-09)
Cargo path: /root/.cargo/bin/cargo
Cargo version: cargo 1.52.0 (69767412a 2021-04-21)
Cargo vendor: yes
Python support:                          yes
Python path: /usr/bin/python3
Python distutils yes
Python yaml yes
Install suricatactl: yes
Install suricatasc: yes
Install suricata-update: yes
Profiling enabled:                       yes
Profiling locks enabled: no
Plugin support (experimental):           yes

Development settings:
Coccinelle / spatch: no
Unit tests enabled: no
Debug output enabled: no
Debug validation enabled: no

Generic build parameters:
Installation prefix: /opt/suricata
Configuration directory: /opt/suricata/etc/suricata/
Log directory: /opt/suricata/var/log/suricata/

--prefix                                 /opt/suricata
--sysconfdir /opt/suricata/etc
--localstatedir /opt/suricata/var
--datarootdir /opt/suricata/share
Host:                                    x86_64-pc-linux-gnu
Compiler: gcc (exec name) / g++ (real)
GCC Protect enabled: no
GCC march native enabled: yes
GCC Profile enabled: no
Position Independent Executable enabled: no
CFLAGS -g -O2 -std=gnu99 -march=native -I${srcdir}/../rust/gen -I${srcdir}/../rust/dist
PCAP_CFLAGS -I/usr/local/include
SECCFLAGS

```

I built it on Oracle Linux 7; what am I doing wrong? No event_type alert is produced, even with
`curl -A - http://www.xxxx.com` nothing is produced, but in another environment I built 3 years ago it worked well.


Files

suricata-6.0.2-ol7-bin.tar.gz (20.4 MB) suricata-6.0.2-ol7-bin.tar.gz oracle linux 7 build (centos7 maybe can run) zhang xx, 06/09/2021 08:09 AM
Actions #1

Updated by Jason Ish almost 3 years ago

How are you starting Suricata? Did you run Suricata-Update to update your rules? Are you seeing events other than alerts?

Actions #2

Updated by Jason Ish almost 3 years ago

  • Tracker changed from Bug to Support
  • Target version deleted (6.0.2)
  • Difficulty deleted (low)
Actions #3

Updated by zhang xx almost 3 years ago

Jason Ish wrote in #note-1:

How are you starting Suricata? Did you run Suricata-Update to update your rules? Are you seeing events other than alerts?

I load all rules from suricata-rule, which can be seen in `suricata.log`, and point to the suricata-rule path in suricata.yaml.

Actions #4

Updated by Andreas Herz almost 3 years ago

Please provide your Suricata config file and the exact command line Suricata is running with, ideally some suricata.log output as well.
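The questions in #1 (which event types are being written, were rules loaded) and the request in #4 (the suricata.log output) are the usual triage for "Suricata runs but never alerts". The script below is an added example written for this thread, not code from the reporter or from the Suricata project: it tallies `event_type` over eve.json lines, pulls the last rule-loading summary out of suricata.log, and turns the two into findings. The sample eve.json and suricata.log lines are constructed; the regular expression assumes the wording of Suricata's "rule files processed" Info line.

```python
"""Triage helper for a Suricata instance that runs but emits no alerts.

Answers the three questions from this ticket from two files: which event types
are being written to eve.json, whether any rules were loaded according to
suricata.log, and whether traffic is being decoded at all.  Usage:

    python3 suricata_noalert_triage.py /opt/suricata/var/log/suricata/eve.json \
                                       /opt/suricata/var/log/suricata/suricata.log

Run without arguments it uses the constructed samples at the bottom.
"""
import json
import re
import sys
from collections import Counter

# Assumed wording of Suricata's rule-loading summary (an <Info> line in suricata.log).
RULE_SUMMARY_RE = re.compile(
    r"(\d+) rule files processed\. (\d+) rules successfully loaded, (\d+) rules failed"
)


def count_event_types(eve_lines):
    """Tally event_type over EVE JSON lines; malformed lines are counted, not fatal."""
    counts = Counter()
    for line in eve_lines:
        line = line.strip()
        if not line:
            continue
        try:
            counts[json.loads(line).get("event_type", "<missing>")] += 1
        except json.JSONDecodeError:
            counts["<unparseable>"] += 1
    return counts


def rule_load_summary(log_text):
    """Return {'files','loaded','failed'} from the last rule summary in suricata.log, or None."""
    matches = RULE_SUMMARY_RE.findall(log_text)
    if not matches:
        return None
    files, loaded, failed = matches[-1]  # the most recent (re)start wins
    return {"files": int(files), "loaded": int(loaded), "failed": int(failed)}


def diagnose(eve_text, log_text):
    """Return a list of (code, explanation) findings, rule problems first."""
    findings = []
    counts = count_event_types(eve_text.splitlines())
    summary = rule_load_summary(log_text)

    if summary is None:
        findings.append(("no_rule_summary",
                         "suricata.log has no rule-loading summary; is this the log of the running instance?"))
    elif summary["loaded"] == 0:
        findings.append(("no_rules_loaded",
                         "0 rules loaded: run suricata-update and make default-rule-path / rule-files "
                         "in suricata.yaml point at its output"))
    elif summary["failed"] > 0:
        findings.append(("rules_failed",
                         f"{summary['failed']} rules failed to load; read the errors above the summary"))

    traffic_types = ("flow", "http", "dns", "tls")
    seen_traffic = any(counts[t] for t in traffic_types)
    if sum(counts.values()) == 0:
        findings.append(("eve_empty",
                         "eve.json is empty: no traffic seen or EVE output disabled; check the capture "
                         "interface and outputs.eve-log"))
    elif not seen_traffic:
        findings.append(("no_traffic_events",
                         "only stats/housekeeping events: the capture interface sees no traffic"))
    elif counts["alert"] == 0:
        findings.append(("traffic_but_no_alerts",
                         "traffic is decoded but no rule fires; with no rules loaded this is expected"))
    return findings


# Constructed sample inputs (not from the reporter's system): one flow, one http
# request with the "-" user agent, a stats record, and a log saying 0 rules loaded.
SAMPLE_EVE = """\
{"timestamp":"2021-06-09T08:09:01.000000+0000","event_type":"flow","src_ip":"10.0.0.5","dest_ip":"192.0.2.10"}
{"timestamp":"2021-06-09T08:09:02.000000+0000","event_type":"http","src_ip":"10.0.0.5","dest_ip":"192.0.2.10","http":{"hostname":"www.example.com","http_user_agent":"-"}}
{"timestamp":"2021-06-09T08:09:03.000000+0000","event_type":"stats","stats":{"uptime":10}}
"""
SAMPLE_LOG = """\
[1234] 9/6/2021 -- 08:09:00 - <Info> - 1 rule files processed. 0 rules successfully loaded, 0 rules failed
"""

if __name__ == "__main__":
    if len(sys.argv) == 3:
        with open(sys.argv[1]) as f_eve, open(sys.argv[2]) as f_log:
            eve_text, log_text = f_eve.read(), f_log.read()
    else:
        eve_text, log_text = SAMPLE_EVE, SAMPLE_LOG
    print("event types:", dict(count_event_types(eve_text.splitlines())))
    for code, why in diagnose(eve_text, log_text):
        print(f"{code}: {why}")
```

On the constructed samples the script reports `no_rules_loaded` followed by `traffic_but_no_alerts`, which is the combination that explains a working sensor with an empty alert stream: the HTTP request is decoded, so capture and parsing are fine, and the missing piece is the rule set.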

Actions #5

Updated by Andreas Herz about 2 years ago

  • Status changed from New to Closed

Hi, we're closing this issue since there have been no further responses.
If you think this issue is still relevant, try to test it again with the
most recent version of suricata and reopen the issue. If you want to
improve the bug report please take a look at
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs
