Syslog
~~~~~~
+.. attention:: The syslog output is deprecated in Suricata 8.0 and
+ will be removed in Suricata 9.0. Please migrate to the
+ ``eve`` output which has the ability to send to syslog.
+
With this option it is possible to send all alert and event output to syslog.
::
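Review bot: the attention block added under the Syslog heading tells readers to migrate to ``eve`` but gives no pointer to where that output's syslog support is documented. Suggest turning the ``eve`` mention into a cross-reference to the EVE output section, so the migration path is reachable directly from the deprecation notice.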
~~~~~~~~~~~~
- The ``http-log`` output is now deprecated and will be removed in Suricata 9.0.
- The ``tls-log`` output is now deprecated and will be removed in Suricata 9.0.
+- The ``syslog`` output is now deprecated and will be removed in
+ Suricata 9.0. Note that this is the standalone ``syslog`` output and
+ does affect the ``eve`` outputs ability to send to syslog.
Upgrading 6.0 to 7.0
--------------------
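Review bot: in the added upgrade note, "does affect the ``eve`` outputs ability to send to syslog" says the opposite of the attention notice added in the Syslog section, which recommends ``eve`` precisely because it can still send to syslog. This should read "does not affect the ``eve`` output's ability to send to syslog" (missing "not", and a possessive apostrophe on "output's").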
*/
static OutputInitResult AlertSyslogInitCtx(ConfNode *conf)
{
+ SCLogWarning("The syslog output has been deprecated and will be removed in Suricata 9.0.");
+
OutputInitResult result = { NULL, false };
const char *facility_s = ConfNodeLookupChildValue(conf, "facility");
if (facility_s == NULL) {
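Review bot: the SCLogWarning added at the top of AlertSyslogInitCtx states the deprecation but not the replacement. The documentation changed in this same patch tells users to migrate to the eve output, so the log message should say so too, for example by appending "Please migrate to the eve output." Operators are likely to see this warning at startup well before they read the upgrade notes.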
threads: no # per thread stats
#null-values: yes # print counters that have value 0. Default: no
- # a line based alerts log similar to fast.log into syslog
- - syslog:
- enabled: no
- # reported identity to syslog. If omitted the program name (usually
- # suricata) will be used.
- #identity: "suricata"
- facility: local5
- #level: Info ## possible levels: Emergency, Alert, Critical,
- ## Error, Warning, Notice, Info, Debug
-
# Output module for storing files on disk. Files are stored in
# directory names consisting of the first 2 characters of the
# SHA256 of the file. Each file is given its SHA256 as a filename.
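Review bot: the syslog example block is removed from the default configuration with nothing left in its place, although the output keeps working until 9.0. Consider leaving a one-line comment at this spot saying that the standalone syslog output is deprecated and that eve can send to syslog, so that someone comparing an older configuration against the new default can see why the section disappeared.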