Task #7494: log: Suricata log level should be "error" when testing Suricata configuration - Suricata-Update - Open Information Security Foundation

Actions

Copy link

Task #7494

open

log: Suricata log level should be "error" when testing Suricata configuration

Added by Jason Ish 6 days ago. Updated 6 days ago.

Status:

In Progress

Priority:

Normal

Assignee:

Jason Ish

Target version:

1.3.5

Effort:

Difficulty:

Label:

Description

Currently when testing the Suricata configuration the Suricata log level is set to "warning". This results with a warning message even if "-q" is provided to Suricata-Update and can cause noise when running from cron, or using output to signify an error. For example, the following can be see currently:

15/1/2025 -- 09:36:30 - <Warning> -- rule 3321277: ja3.hash should not be used together with nocase, since the rule is automatically lowercased anyway which makes nocase redundant.

which can fill cron email boxes with non-critical errors.

Ideally only fatal errors that cause Suricata to fail the reload should emit anything when -q is used.

Actions

Copy link

Updated by Jason Ish 6 days ago

Status changed from Assigned to In Progress

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata » Suricata-Update

Task #7494

log: Suricata log level should be "error" when testing Suricata configuration

Updated by Jason Ish 6 days ago