Fix log rotate on Suricata
@@ -123,7 +123,7 @@ filebeat.inputs:
|
|||||||
|
|
||||||
- type: log
|
- type: log
|
||||||
paths:
|
paths:
|
||||||
- /suricata/eve.json
|
- /suricata/eve*.json
|
||||||
fields:
|
fields:
|
||||||
module: suricata
|
module: suricata
|
||||||
dataset: common
|
dataset: common
|
||||||
|
|||||||
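Review bot: The new glob `/suricata/eve*.json` only works as long as it matches the file names produced by Suricata's eve-log `filename` setting, and nothing on this line records that coupling. If the pattern on the Suricata side is changed later, Filebeat will silently stop picking up alerts, with no error to show for it. I would add a comment above the path, e.g. `# must keep matching the eve-log filename pattern (eve-%Y-%m-%d-%H:%M.json)`. Filebeat's `ignore_older` is off by default, so it is also worth checking that a registry reset would not re-read every retained hourly file; the input definition continues outside the hunk, so this may already be set there.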
@@ -95,8 +95,8 @@ outputs:
|
|||||||
- eve-log:
|
- eve-log:
|
||||||
enabled: yes
|
enabled: yes
|
||||||
filetype: regular #regular|syslog|unix_dgram|unix_stream|redis
|
filetype: regular #regular|syslog|unix_dgram|unix_stream|redis
|
||||||
filename: /nsm/eve.json
|
filename: /nsm/eve-%Y-%m-%d-%H:%M.json
|
||||||
rotate-interval: day
|
rotate-interval: hour
|
||||||
|
|
||||||
#prefix: "@cee: " # prefix to prepend to each log entry
|
#prefix: "@cee: " # prefix to prepend to each log entry
|
||||||
# the following are valid when type: syslog above
|
# the following are valid when type: syslog above
|
||||||
|
|||||||
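Review bot: With `filename: /nsm/eve-%Y-%m-%d-%H:%M.json` and `rotate-interval: hour`, Suricata opens a new file every hour and does not delete the old ones, and nothing in this hunk bounds how many accumulate under /nsm. Unless a cleanup job exists elsewhere in the repository, the volume will eventually fill and the sensor will stop writing alerts. I would add a comment above the filename such as `# new file per hour; old eve-*.json files must be pruned by an external job`, and consider `%H%M` rather than `%H:%M`, since a colon in a file name is misread as a host separator by tools like scp and rsync. The next hunk makes the same filename change, so the same applies there; the eve-log block continues outside both hunks.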
@@ -95,7 +95,7 @@ outputs:
|
|||||||
- eve-log:
|
- eve-log:
|
||||||
enabled: yes
|
enabled: yes
|
||||||
filetype: regular #regular|syslog|unix_dgram|unix_stream|redis
|
filetype: regular #regular|syslog|unix_dgram|unix_stream|redis
|
||||||
filename: /nsm/eve.json
|
filename: /nsm/eve-%Y-%m-%d-%H:%M.json
|
||||||
rotate-interval: hour
|
rotate-interval: hour
|
||||||
|
|
||||||
#prefix: "@cee: " # prefix to prepend to each log entry
|
#prefix: "@cee: " # prefix to prepend to each log entry
|
||||||
|
|||||||