Bug #8501
closed
Incorrect categorization of status/info messages from suricata
Description
Hi, when suricata_check_for_rule_updates.php runs, it unnecessarily logs informational messages as errors - thus causing pfsense to forward messages to syslog as type error. Examples:
[Suricata] Emerging Threats Open rules are up to date
[Suricata] Snort GPLv2 Community Rules are up to date
[Suricata] The Rules update has finished.
This is not an inclusive list, just what I pulled from logs today.
I think these types of messages should be categorized as lower priority - i.e. info or warning.
Thnx!
Updated by Bill Meeks over 5 years ago
This issue is resolved in Suricata package version 4.1.4_2 on pfSense-2.5-DEVEL. The pull request is here: [https://github.com/pfsense/FreeBSD-ports/pull/647]. Logging of messages is now performed by a call to the PHP syslog() function and a corresponding SEVERITY LEVEL parameter is passed with each log message.
This issue can be closed as RESOLVED.
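The approach described in the update above, sketched as an added example that is not the Suricata package's code: each status line goes to PHP's syslog() with an explicit severity, and the function returns the PRI value (facility | severity) that a remote collector filters on. The helper name log_update_status(), the LOG_DAEMON facility, the severities chosen for each message and the failure message are assumptions made for illustration.

```php
<?php
// Added illustration; not code from the pfSense Suricata package.
// log_update_status(), the ident string and LOG_DAEMON are hypothetical choices.

/**
 * Send one rule-update status line to syslog at an explicit severity.
 * Returns the PRI value (facility | severity) carried by the forwarded message.
 */
function log_update_status(string $message, int $severity): int
{
    $allowed = [LOG_ERR, LOG_WARNING, LOG_NOTICE, LOG_INFO];
    if (!in_array($severity, $allowed, true)) {
        // Unknown level: keep the line visible instead of silently dropping it.
        $severity = LOG_WARNING;
    }
    syslog($severity, "[Suricata] " . $message);
    return LOG_DAEMON | $severity;
}

openlog("suricata_update", LOG_PID, LOG_DAEMON);

// The first three messages are the ones quoted in the report;
// the last is a constructed failure case for contrast.
$events = [
    ["Emerging Threats Open rules are up to date", LOG_NOTICE],
    ["Snort GPLv2 Community Rules are up to date", LOG_NOTICE],
    ["The Rules update has finished.", LOG_NOTICE],
    ["Rules download failed (constructed sample message)", LOG_ERR],
];

foreach ($events as [$msg, $sev]) {
    $pri = log_update_status($msg, $sev);
    // Show the PRI a remote syslog receiver would see for this line.
    printf("<%d> [Suricata] %s\n", $pri, $msg);
}

closelog();
```

With the severity passed per message, a collector rule that matches only error-level PRI values no longer fires on routine "up to date" lines, while a genuine update failure still does.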