Tail: cannot open ‘/var/log/suricata/suricata.log’ for reading: No such file or directory


Hi there, i cant turn on this log file, i try to open /var/log/suricata but it said no permision. What is the problem i face and how i can solve them.pls help me!

Hello there, welcome to our community!

How are you running Suricata? If you are not using sudo when running it, maybe it’s lacking the right permissions in order to be able to create the log files. Please refer to our installation guide (3. Installation — Suricata 7.0.0-dev documentation) for safer configuration options that won’t have you using sudo to run Suricata :wink:

Or - which is more advisable - change the log default directory to somewhere where your default user has access to, and see if that helps. That change can be done in your suricata.yaml file.

Hi there!
Thank for replying my answer. I think this is suricata’s default setting so i cant open this file. I remember that i dont need to open this file so it’s oke.

Ok :slight_smile:

You may also indicate a different log directory in your suricata.yaml file, a location that your user would have access to.