suricata: T751: Initial support for suricata

author: Maxime THIEBAUT <46688461+0xThiebaut@users.noreply.github.com> 2024-05-01 22:16:03 +0200
committer: Maxime THIEBAUT <46688461+0xThiebaut@users.noreply.github.com> 2024-05-12 10:36:34 +0200
commit: 549089a970e39d1ea09c10af5eaf8f696dd19d40 (patch)
tree: c50e8e4ce30a714d70d36434ae9e51028bb6d77a /data/templates/ids/suricata_logrotate.j2
parent: 91c1a8556eedc9e9aa50d8bf415b37e53d52cb7d (diff)
download: vyos-1x-549089a970e39d1ea09c10af5eaf8f696dd19d40.tar.gz
vyos-1x-549089a970e39d1ea09c10af5eaf8f696dd19d40.zip
1 files changed, 17 insertions, 0 deletions
diff --git a/data/templates/ids/suricata_logrotate.j2 b/data/templates/ids/suricata_logrotate.j2
new file mode 100644
index 000000000..62773fc68
--- /dev/null
+++ b/data/templates/ids/suricata_logrotate.j2
@@ -0,0 +1,17 @@
+{% for filename in [(log.eve.filename | default("eve.json"))] %}
+{{ filename if filename.startswith("/") else ("/var/log/suricata/" + filename) }}
+{% endfor %}{
+    weekly
+    dateext
+    dateformat _%Y-%m-%d_%H-%M-%S
+    maxsize 10M
+    rotate 10
+    missingok
+    nocompress
+    nocreate
+    nomail
+    sharedscripts
+    postrotate
+            /bin/kill -HUP `cat /run/suricata/suricata.pid 2>/dev/null` 2>/dev/null || true
+    endscript
+}
author	Maxime THIEBAUT <46688461+0xThiebaut@users.noreply.github.com>	2024-05-01 22:16:03 +0200
committer	Maxime THIEBAUT <46688461+0xThiebaut@users.noreply.github.com>	2024-05-12 10:36:34 +0200
commit	549089a970e39d1ea09c10af5eaf8f696dd19d40 (patch)
tree	c50e8e4ce30a714d70d36434ae9e51028bb6d77a /data/templates/ids/suricata_logrotate.j2
parent	91c1a8556eedc9e9aa50d8bf415b37e53d52cb7d (diff)
download	vyos-1x-549089a970e39d1ea09c10af5eaf8f696dd19d40.tar.gz vyos-1x-549089a970e39d1ea09c10af5eaf8f696dd19d40.zip