From: Victor Julien Date: Thu, 6 Mar 2014 11:34:22 +0000 (+0100) Subject: eve-log: enable in default config X-Git-Tag: suricata-2.0rc2~3 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=60a79c822004813916d2fca43b88e701a8230de9;p=thirdparty%2Fsuricata.git eve-log: enable in default config In the default config, eve-log is now enabled by default. All loggers except 'drop' are enabled. --- diff --git a/suricata.yaml.in b/suricata.yaml.in index b71659f816..30f1936012 100644 --- a/suricata.yaml.in +++ b/suricata.yaml.in @@ -82,9 +82,9 @@ outputs: append: yes #filetype: regular # 'regular', 'unix_stream' or 'unix_dgram' - # "United" event log in JSON format + # Extensible Event Format (nicknamed EVE) event log in JSON format - eve-log: - enabled: no + enabled: yes type: file #file|syslog|unix_dgram|unix_stream filename: eve.json # the following are valid when type: syslog above @@ -103,7 +103,7 @@ outputs: force-magic: no # force logging magic on all logged files force-md5: no # force logging of md5 checksums #- drop - #- ssh + - ssh # alert output for use with Barnyard2 - unified2-alert:
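Review bot: With `enabled: yes` in the shipped default for `eve-log`, every fresh install starts writing `eve.json`, and nothing in the hunk tells the operator what lands in that file or how its size is bounded. Per the commit message all loggers except `drop` are on, so the file will presumably carry per-flow protocol metadata for all inspected traffic, which is sensitive and can grow quickly on a busy sensor. I would add a comment directly above the `enabled` line, for example `# on by default: eve.json records protocol metadata for all inspected traffic; restrict read access to the log directory and set up log rotation`. The `eve-log` block continues past the hunk, so rotation or permission settings further down are not visible from here.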
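Review bot: In the second hunk `#- drop` stays commented out directly above the newly enabled `- ssh`, and the only explanation that it is a deliberate exception is in the commit message, not in the file. Someone reading the config later may enable it just for symmetry with the other loggers. If the reason is that drop events only occur when the engine runs inline, say so on the line itself, for example `#- drop  # left disabled by default; only produces events in inline (IPS) mode`. The `types` list this entry belongs to starts above the hunk, so the full set of enabled loggers cannot be checked here.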