On Fri, Mar 10, 2023 at 4:09 PM Timothy M Butterworth < timothy.m.butterwo...@gmail.com> wrote:
>
> On Fri, Mar 10, 2023 at 2:10 PM Dan Ritter <d...@randomstring.org> wrote:
>
>> Timothy M Butterworth wrote:
>> > Is anyone else having problems getting suricata to start?
>> >
>> > Mar 10 13:43:33 debian-testing systemd[1]: suricata.service: Scheduled restart job, restart counter is at 5.
>> > Mar 10 13:43:33 debian-testing systemd[1]: Stopped suricata.service - Suricata IDS/IDP daemon.
>> > Mar 10 13:43:33 debian-testing systemd[1]: suricata.service: Start request repeated too quickly.
>> > Mar 10 13:43:33 debian-testing systemd[1]: suricata.service: Failed with result 'exit-code'.
>> > Mar 10 13:43:33 debian-testing systemd[1]: Failed to start suricata.service - Suricata IDS/IDP daemon.
>>
>> What happens when you run the daemon by hand?
>>
>> -dsr-
>
> suricata -c /etc/suricata/suricata.yaml -s signatures.rules -i wlo1
> Error opening file /var/log/suricata//suricata.log
> 10/3/2023 -- 16:08:51 - <Notice> - This is Suricata version 6.0.10 RELEASE running in SYSTEM mode
> 10/3/2023 -- 16:08:51 - <Error> - [ERRCODE: SC_ERR_LOGDIR_CONFIG(116)] - The logging directory "/var/log/suricata/" supplied by /etc/suricata/suricata.yaml (default-log-dir) is not writable. Shutting down the engine

I adjusted the permissions on the logging directory:

sudo chmod -R 774 /etc/suricata/

and

sudo chmod -R 774 /var/log/suricata/

It now starts.

10/3/2023 -- 16:15:16 - <Notice> - This is Suricata version 6.0.10 RELEASE running in SYSTEM mode
10/3/2023 -- 16:15:16 - <Warning> - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/suricata.rules
10/3/2023 -- 16:15:16 - <Warning> - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern signatures.rules
10/3/2023 -- 16:15:16 - <Warning> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - 2 rule files specified, but no rules were loaded!
10/3/2023 -- 16:15:16 - <Notice> - all 8 packet processing threads, 4 management threads initialized, engine started.

thanks

Tim

--
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/
⠈⠳⣄⠀⠀
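
The second run quoted above reports "engine started" while also logging SC_ERR_NO_RULES_LOADED, so the engine is up with no rules loaded. A startup check that flags this, as an added example that is not part of the original message: the function names and the exit-code scheme are assumptions, and the sample lines are taken from the output quoted above.

```shell
#!/bin/sh
# Added example (not from the thread). Reads Suricata startup output on
# stdin, prints one "LEVEL NAME CODE" line per ERRCODE entry, and returns:
#   0 = no ERRCODE entries            1 = an <Error> entry was logged
#   2 = SC_ERR_NO_RULES_LOADED seen   3 = other warnings only
# The exit-code scheme is an assumption of this example.
suricata_startup_check() {
    awk '
        # Entries look like: <Warning> - [ERRCODE: SC_ERR_NO_RULES(42)] - text
        match($0, /<[A-Za-z]+> - \[ERRCODE: [A-Z0-9_]+\([0-9]+\)\]/) {
            entry = substr($0, RSTART, RLENGTH)
            level = entry; sub(/^</, "", level); sub(/>.*/, "", level)
            name = entry; sub(/.*ERRCODE: /, "", name); sub(/\(.*/, "", name)
            code = entry; sub(/.*\(/, "", code); sub(/\).*/, "", code)
            print level, name, code
            if (level == "Error") err = 1
            else if (name == "SC_ERR_NO_RULES_LOADED") norules = 1
            else warn = 1
        }
        END {
            if (err) exit 1        # engine shut down
            if (norules) exit 2    # engine up, but nothing to match against
            if (warn) exit 3
            exit 0
        }
    '
}

# Sample input: the first run quoted in the message (engine refused to start).
sample_first_run() {
    cat <<'EOF'
10/3/2023 -- 16:08:51 - <Notice> - This is Suricata version 6.0.10 RELEASE running in SYSTEM mode
10/3/2023 -- 16:08:51 - <Error> - [ERRCODE: SC_ERR_LOGDIR_CONFIG(116)] - The logging directory "/var/log/suricata/" supplied by /etc/suricata/suricata.yaml (default-log-dir) is not writable. Shutting down the engine
EOF
}

# Sample input: the second run quoted in the message (started, no rules).
sample_second_run() {
    cat <<'EOF'
10/3/2023 -- 16:15:16 - <Notice> - This is Suricata version 6.0.10 RELEASE running in SYSTEM mode
10/3/2023 -- 16:15:16 - <Warning> - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /etc/suricata/rules/suricata.rules
10/3/2023 -- 16:15:16 - <Warning> - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern signatures.rules
10/3/2023 -- 16:15:16 - <Warning> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - 2 rule files specified, but no rules were loaded!
10/3/2023 -- 16:15:16 - <Notice> - all 8 packet processing threads, 4 management threads initialized, engine started.
EOF
}
```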