Bug #8501

closed

Incorrect categorization of status/info messages from suricata

Added by Mark Hassman over 6 years ago. Updated over 5 years ago.

Status: Resolved
Priority: Low
Assignee: -
Category: Suricata
Target version: -
Start date: 05/07/2018
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Affected Version: 2.4.3
Affected Plus Version:
Affected Architecture:

Description

Hi, when suricata_check_for_rule_updates.php runs, it unnecessarily logs informational messages as errors, thus causing pfSense to forward messages to syslog as type error. Examples:
[Suricata] Emerging Threats Open rules are up to date
[Suricata] Snort GPLv2 Community Rules are up to date
[Suricata] The Rules update has finished.

This is not an inclusive list, just what I pulled from logs today.

I think these types of messages should be categorized as lower priority - i.e. info or warning.
Thanks!

Actions #1

Updated by Bill Meeks over 5 years ago

This issue is resolved in Suricata package version 4.1.4_2 on pfSense-2.5-DEVEL. The pull request is here: [https://github.com/pfsense/FreeBSD-ports/pull/647]. Logging of messages is now performed by a call to the PHP syslog() function, and a corresponding SEVERITY LEVEL parameter is passed with each log message.

This issue can be closed as RESOLVED.
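
The per-message severity logging described in the comment above, as an added example that is not part of this thread or of the Suricata package code. The helper names, the ident string, the failure message and the severity chosen for each message are assumptions.

```php
<?php
// Added illustration, not code from the pfSense Suricata package.
// example_syslog_pri() and example_suricata_log() are hypothetical helpers.

// PRI value a remote syslog receiver sees in the "<N>" prefix of a forwarded
// message: facility code plus severity. On Unix-like systems LOG_USER is 8,
// so LOG_NOTICE (5) arrives as <13> and LOG_ERR (3) as <11>.
function example_syslog_pri(int $facility, int $severity): int
{
    return $facility | $severity;
}

// Log one message with an explicit severity instead of treating every
// message as an error. The severity is the first argument to syslog().
function example_suricata_log(int $severity, string $message): bool
{
    return syslog($severity, "[Suricata] " . $message);
}

// Constructed ident; LOG_USER is an assumed facility for this example.
openlog("suricata_example", LOG_PID, LOG_USER);

// Routine status messages from the report: logged below error severity so a
// syslog server filtering on "err and above" no longer picks them up.
example_suricata_log(LOG_NOTICE, "Emerging Threats Open rules are up to date");
example_suricata_log(LOG_NOTICE, "Snort GPLv2 Community Rules are up to date");
example_suricata_log(LOG_NOTICE, "The Rules update has finished.");

// A genuine failure keeps error severity (constructed sample message).
example_suricata_log(LOG_ERR, "Rules download failed (constructed example)");

closelog();

// What the receiver would see as the PRI for each class of message.
printf("status messages: <%d>\n", example_syslog_pri(LOG_USER, LOG_NOTICE));
printf("failure messages: <%d>\n", example_syslog_pri(LOG_USER, LOG_ERR));
```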

Actions #2

Updated by Jim Pingle over 5 years ago

  • Status changed from New to Resolved