Bug #798

closed

stats.log in yaml config - append option - missing

Added by Peter Manev over 9 years ago. Updated almost 5 years ago.

Status: Closed
Priority: Normal

Description

Currently for both git and 1.4.1 in the suricata.yaml we have:


  # Stats.log contains data from various counters of the suricata engine.
  # The interval field (in seconds) tells after how long output will be written
  # on the log file.
  - stats:
      enabled: yes
      filename: stats.log
      interval: 8

So if you run Suricata like this, even on little traffic, it can inflate the stats.log to a size of a few GBs over a run of a few days.
The more cores you have - the bigger the stats.log in general.

One can add

      interval: 8
      append: no

Then the stats.log will be cleared/reset every time Suricata is restarted/run.
The option however is not present in the yaml file itself.

#1

Updated by Victor Julien almost 9 years ago

  • Target version set to TBD

#2

Updated by Andreas Herz about 6 years ago

  • Assignee set to OISF Dev

#3

Updated by Victor Julien almost 5 years ago

  • Status changed from New to Assigned
  • Assignee changed from OISF Dev to Victor Julien
  • Target version changed from TBD to 4.0.2/4.0.3

#4

Updated by Victor Julien almost 5 years ago

  • Status changed from Assigned to Closed