Hi all,
I have installed and configured Suricata on Ubuntu following these instructions.
Currently I have the problem that the messages are written to the shell (stdout). This makes it very confusing when using the shell.
The real goal is to write it to a log, so I can integrate it into NTOP.
What exactly do I have to do?
I don’t see anything in that document that would send the events to the console.
On startup there are some messages to the console about the application itself, but the network events you are after should still be going to a log file.
What are you seeing output to the shell that you would rather have go to a log file?
Hi Jason,
Thanks for the reply. I figured out that the output to the shell is the eve-log output (JSON).
I checked the config and tried different settings there (in this case just regular). The messages on the shell disappear.
The main goal was to integrate Suricata with syslog (14. Suricata Integration — ntopng 5.3 documentation), but if I change it back to syslog the output to the shell is back.
I am not sure, but I think I made a misconfiguration in my file. Therefore I am attaching the suricata.yaml: suricata.yaml (70.9 KB)