Support #2956

Updated by Victor Julien almost 5 years ago

Hello guys, noob question here. I am trying to install the Windows 64-bit installer, Suricata-4.1.3-1-64bit.msi, under Windows 7. Is there any guide I can follow? I'm kind of confused by the guides at https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Windows and https://redmine.openinfosecfoundation.org/attachments/download/1175/SuricataWinInstallationGuide_v1.4.3.pdf. Those 2 guides don't tell me about installing npcap (https://nmap.org/npcap/), but the tool itself tries to tell me to install npcap. After I tried to install npcap and tried to run Suricata, I got this error:
 <pre> 
 C:\Program Files\Suricata>suricata.exe -c suricata.yaml -i 192.168.10.6 
 3/5/2019 -- 09:31:54 - <Info> - Running as service: no 
 3/5/2019 -- 09:31:56 - <Info> - translated 192.168.10.6 to pcap device \Device\NPF_{3221065E-8591-4573-8FC6-E2416A318579} 
 Error opening file C:\Program Files\Suricata\log\suricata.log 
 3/5/2019 -- 09:31:56 - <Notice> - This is Suricata version 4.1.3 RELEASE 
 3/5/2019 -- 09:31:56 - <Warning> - [ERRCODE: SC_WARN_DEFAULT_WILL_CHANGE(317)] - in 5.0 the default for decoder event stats will go from 'decoder.<proto>.<event>' to 'decoder.event.<proto>.<event>'. S 
 ee ticket #2225. To suppress this message, set stats.decoder-events-prefix in the yaml. 
 3/5/2019 -- 09:31:56 - <Error> - [ERRCODE: SC_ERR_FOPEN(44)] - Error opening file: "C:\Program Files\Suricata\log/fast.log": Permission denied 
 3/5/2019 -- 09:31:56 - <Warning> - [ERRCODE: SC_ERR_INVALID_ARGUMENT(13)] - output module setup failed 
 3/5/2019 -- 09:31:56 - <Error> - [ERRCODE: SC_ERR_FOPEN(44)] - Error opening file: "C:\Program Files\Suricata\log/eve.json": Permission denied 
 3/5/2019 -- 09:31:56 - <Warning> - [ERRCODE: SC_ERR_INVALID_ARGUMENT(13)] - output module setup failed 
 3/5/2019 -- 09:31:56 - <Error> - [ERRCODE: SC_ERR_FOPEN(44)] - Error opening file: "C:\Program Files\Suricata\log/stats.log": Permission denied 
 3/5/2019 -- 09:31:56 - <Warning> - [ERRCODE: SC_ERR_INVALID_ARGUMENT(13)] - output module setup failed 
 3/5/2019 -- 09:31:56 - <Warning> - [ERRCODE: SC_WARN_NO_STATS_LOGGERS(261)] - stats are enabled but no loggers are active 
 3/5/2019 -- 09:31:57 - <Warning> - [ERRCODE: SC_ERR_FOPEN(44)] - Error opening file: "C:\Program Files\Suricata\\\threshold.config": No such file or directory 
 3/5/2019 -- 09:32:01 - <Warning> - [ERRCODE: SC_ERR_NIC_OFFLOADING(284)] - NIC offloading on \Device\NPF_{3221065E-8591-4573-8FC6-E2416A318579}: Checksum IPv4 Rx: 1 Tx: 1 IPv6 Rx: 0 Tx: 0 LSOv1 IPv4: 
 1 LSOv2 IPv4: 0 IPv6: 0 
 3/5/2019 -- 09:32:01 - <Notice> - all 2 packet processing threads, 2 management threads initialized, engine started. 
 </pre> 

 I hope somebody can help me and guide me to the proper way to use Suricata. Thank you...
