My suricata keeps changing it´s status to active(exited) after some time running. It shows no logs on suricata.log that provides me information about any error occured.
Are you running suricata as a systemd service? Have you tried journalctl -u suricata?
Yes, i am running suricata as systemd service
Hi Nuno,
Could you share some of the log output (suricata.log) and the relevant log section from journalctl -u suricata?
Which Suricata version?
I have encountered the same problem, and systemctl restart surata cannot solve it. It has been in the exited state… How can I solve it?
Journalctl - u curiata is as follows:
The version of SURICATA is 6.0.9
Hi,
Thanks for sharing the log info from journalctl; can you share the log info from suricata.log?
HI,Jeff
Thank you for your reply. I have solved my problem. It seems that it is due to the configuration problem of the suradata.yaml file, perhaps the indentation problem, or the configuration problem… In a word, I can solve the problem by re importing a new yaml file…
Can you help me look at new problems It’s my new question on the forum:
Suricata 6.0.9 on Ubuntu 22.04 : How to enable the Redis output of SURICATA - Help - Suricata
Sincere thanks~