Hi, I am using Suricata 5.0.7. Just wondering how you would fix the “permissions denied” issue… Thank you.
Hi,
Don’t dump the logs to that location. Do it, for example, in c:/suricata/log
Thank you very much for the reply, it really helped me a lot. I got it working.
In the .yaml file under run options, remove the hash from the following lines, and change the user & group to the following:
run-as:
  user: suricata
  group: suricata
Then in command line run the command:
chown suricata:suricata /var/log/suricata/*
Then run: systemctl restart suricata
And BAM Bob’s your uncle!
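
A way to confirm the fix in the last post took effect, as an added example that is not part of the original thread: it reads the run-as user from the .yaml file and lists anything in the log directory owned by a different account. The function names and the /etc/suricata/suricata.yaml path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: report log files not owned by the configured run-as user.
# Usage (config path is an assumption, adjust to your install):
#   sh check_owner.sh /etc/suricata/suricata.yaml /var/log/suricata

# Print the user set under the run-as: block of the given .yaml file.
# Prints nothing while the block is still commented out with '#'.
runas_user() {
    awk '
        /^run-as:/               { in_block = 1; next }
        in_block && /^[^ #]/     { in_block = 0 }   # next top-level key ends the block
        in_block && /^[ ]+user:/ { print $2; exit }
    ' "$1"
}

# check_log_owner CONFIG LOGDIR
# Returns 0 if LOGDIR and everything in it belongs to the run-as user,
# 1 if something is owned by another account (entries are printed),
# 2 if run-as is not enabled in CONFIG.
check_log_owner() {
    user=$(runas_user "$1")
    [ -n "$user" ] || { echo "run-as user not set in $1" >&2; return 2; }
    # Field 3 of "ls -ld" is the owner. The directory itself is included,
    # because Suricata must also be able to create new files in it.
    bad=$(find "$2" -exec ls -ld {} + | awk -v u="$user" '$3 != u')
    [ -z "$bad" ] && return 0
    printf '%s\n' "$bad"
    return 1
}

# Run the check only when both arguments are given on the command line.
if [ "$#" -eq 2 ]; then
    check_log_owner "$1" "$2"
fi
```

Any entry it prints is a file the chown step missed, typically one created by a root-run instance after the ownership change.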