From patchwork Tue Jun 4 23:00:24 2019
X-Patchwork-Submitter: ummeegge
X-Patchwork-Id: 2278
From: Erik Kapfer
To: development@lists.ipfire.org
Subject: [PATCH] suricata: Enable EVE logging
Date: Tue, 4 Jun 2019 15:00:24 +0200
Message-Id: <20190604130024.15439-1-ummeegge@ipfire.org>

The EVE output facility outputs alerts, metadata, file info and protocol specific records through JSON. For further information please see --> https://suricata.readthedocs.io/en/suricata-4.1.2/output/eve/index.html .

Signed-off-by: Erik Kapfer
Acked-by: Stefan Schantl
--- lfs/suricata | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lfs/suricata b/lfs/suricata index 310920606..6f779d875 100644 --- a/lfs/suricata +++ b/lfs/suricata @@ -80,6 +80,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --enable-nfqueue \ --disable-static \ --disable-python \ + --with-libjansson-libraries=/usr/lib \ + --with-libjansson-includes=/usr/include \ --disable-suricata-update cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install
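
Review bot: the two added options, `--with-libjansson-libraries=/usr/lib` and `--with-libjansson-includes=/usr/include`, hard-code the jansson location, and nothing in the visible lines makes the build fail if jansson is not found there or has not been built yet. Please confirm that jansson is built before suricata in the build order, and consider a post-build check (for example, inspecting the `suricata --build-info` output for jansson support) so that an image without JSON output cannot ship unnoticed. Also, the subject says "Enable EVE logging", but the hunk only points configure at the library; if the eve-log output still has to be switched on in the shipped suricata.yaml, either include that change here or reword the subject to say the patch builds in JSON support. Since EVE records carry alert and protocol metadata, it would also help to state in the commit message where the log file is written and how it is rotated.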