Config Example
outputs:
  - fast:
      enabled: yes
      filename: fast.log
      append: no
Purpose
Suricata generates multiple log files, e.g.:
-rw-r--r--. 1 root root 4.3G Aug 13 12:47 eve.json
-rw-r--r--. 1 root root 17K Aug 13 15:01 suricata.log
-rw-r--r--. 1 root root 1.8G Aug 13 18:11 stats.log
-rw-r--r--. 1 root root 2.0M Aug 13 18:11 fast.log
When we restart or re-run the Suricata daemon, it has to decide what to do with the existing files. It has two options to choose from.