[ERRCODE: SC_ERR_FOPEN(44)] - Error opening file: "C:\\Program Files\\Suricata\\log/fast.log": Permission denied

Hi, I am using Suricata 5.0.7, just wondering how you would fix the “permissions denied” issue… thank you

Hi,

Don’t dump the logs to that location. Do it, for example, in c:/suricata/log

Thank you very much for the reply, it really helped me a lot. I got it working :+1: :+1: :+1: :+1:


In the .yaml file under run options, remove the hash from the following lines, and change the user & group to the following:

run-as:
  user: suricata
  group: suricata

Then in command line run the command:

chown suricata:suricata /var/log/suricata/*

Then run: systemctl restart suricata

And BAM Bob’s your uncle!
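A pre-restart check for the Linux steps above, as an added example that is not part of the original posts: it lists anything under the log directory, the directory itself included, that is not owned by the run-as user, since Suricata has to create new log files there as well as append to existing ones. The function names are hypothetical; the path and user are the ones named in the post.

```shell
#!/bin/sh
# Added example (not from the thread): verify log directory ownership
# before restarting Suricata with a non-root run-as user.
# Assumed values from the post: /var/log/suricata and user "suricata".

# Return 0 if DIR exists and DIR plus everything below it is owned by USER.
# Return 1 if DIR is missing or some path has another owner (paths are listed).
# Return 2 if find itself fails, e.g. because USER is not a known account.
check_log_dir() {
    dir=$1
    user=$2
    if [ ! -d "$dir" ]; then
        echo "missing log directory: $dir" >&2
        return 1
    fi
    # find starts at DIR, so the directory itself is tested too.
    bad=$(find "$dir" ! -user "$user" -print) || {
        echo "find failed (unknown user '$user'?)" >&2
        return 2
    }
    if [ -n "$bad" ]; then
        echo "not owned by $user:" >&2
        echo "$bad" >&2
        return 1
    fi
    return 0
}

# Usage: sh check_log_dir.sh /var/log/suricata suricata
if [ "$#" -eq 2 ]; then
    check_log_dir "$1" "$2"
fi
```
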