From 549089a970e39d1ea09c10af5eaf8f696dd19d40 Mon Sep 17 00:00:00 2001
From: Maxime THIEBAUT <46688461+0xThiebaut@users.noreply.github.com>
Date: Wed, 1 May 2024 22:16:03 +0200
Subject: suricata: T751: Initial support for suricata

---
 data/templates/ids/suricata_logrotate.j2 | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 data/templates/ids/suricata_logrotate.j2

(limited to 'data/templates/ids/suricata_logrotate.j2')

diff --git a/data/templates/ids/suricata_logrotate.j2 b/data/templates/ids/suricata_logrotate.j2
new file mode 100644
index 000000000..62773fc68
--- /dev/null
+++ b/data/templates/ids/suricata_logrotate.j2
@@ -0,0 +1,17 @@
+{% for filename in [(log.eve.filename | default("eve.json"))] %}
+{{ filename if filename.startswith("/") else ("/var/log/suricata/" + filename) }}
+{% endfor %}{
+    weekly
+    dateext
+    dateformat _%Y-%m-%d_%H-%M-%S
+    maxsize 10M
+    rotate 10
+    missingok
+    nocompress
+    nocreate
+    nomail
+    sharedscripts
+    postrotate
+            /bin/kill -HUP `cat /run/suricata/suricata.pid 2>/dev/null` 2>/dev/null || true
+    endscript
+}
-- 
cgit v1.2.3