Skip to content

O
OpnSense
Commit 19dfa96c authored by Franco Fichtner's avatar Franco Fichtner
Browse files
Options

intrusion detection: rotate eve-log every (almost) 500 MB 

Should probably remove the weekly/daily rotation in favour of a
setting of the value in KB on the GUI instead...
parent 3983919a
Show whitespace changes
Inline Side-by-side
Showing with 1 addition and 1 deletion
src/opnsense/service/templates/OPNsense/IDS/newsyslog.conf
View file @ 19dfa96c
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
{% if helpers.exists('OPNsense.IDS.general') and OPNsense.IDS.general.enabled|default("0") == "1" %} {% if helpers.exists('OPNsense.IDS.general') and OPNsense.IDS.general.enabled|default("0") == "1" %}
/var/log/suricata/stats.log root:wheel 640 7 * $D0 B /var/run/suricata.pid 1 /var/log/suricata/stats.log root:wheel 640 7 * $D0 B /var/run/suricata.pid 1
/var/log/suricata.log root:wheel 640 7 * $D0 B /var/run/suricata.pid 1 /var/log/suricata.log root:wheel 640 7 * $D0 B /var/run/suricata.pid 1
/var/log/suricata/eve.json root:wheel 640 {{ OPNsense.IDS.general.AlertSaveLogs|default("4") }} * ${{ /var/log/suricata/eve.json root:wheel 640 {{ OPNsense.IDS.general.AlertSaveLogs|default("4") }} 500000 ${{
OPNsense.IDS.general.AlertLogrotate|default("W0D23") OPNsense.IDS.general.AlertLogrotate|default("W0D23")
}} B /var/run/suricata.pid 1 }} B /var/run/suricata.pid 1
{% endif %} {% endif %}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023