- [ERRCODE: SC_ERR_CONF_YAML_ERROR(242)] - Failed to parse configuration file at line 60: found character that cannot start any token
I attached a copy of the configuration
suricataCon.yaml (73.1 KB)
The Suricata configuration is prepared during the configure step. During this step, templated fields from the Suricata configuration template file (suricata.yaml.in) are substituted with values according to the configuration settings supplied when running configure.
The Suricata configuration file you posted contains templated fields that haven’t been substituted. My suggestion is to run configure [other-configure-pptions as needed] and then retry using Suricata.
configure will create suricata.yaml file with the proper values for your deployment in place of the templated fields. Templated fields are surrounded with the @ value, e.g., @e_conflogdir@.
1 Like