From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] suricata: Enable EVE logging
Date: Wed, 05 Jun 2019 09:53:05 +0100
Message-ID: <72926E8A-417B-42D7-A629-8E5D579A1DFD@ipfire.org>
In-Reply-To: <20190604130024.15439-1-ummeegge@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============6796018437497862386=="
List-Id: <development.lists.ipfire.org>

--===============6796018437497862386==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hi Erik,

I believe that Stefan has already enabled this in this commit:

  https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommitdiff;h=3D616395f37c6d0=
96607283cc17e5554cc03e9bcc6

Are you saying that the library wasn=E2=80=99t linked before?

I am not sure what this patch is meant to achieve - assuming that Stefan=E2=
=80=99s change isn=E2=80=99t broken.

-Michael

> On 4 Jun 2019, at 14:00, Erik Kapfer <ummeegge(a)ipfire.org> wrote:
>=20
> The EVE output facility outputs alerts, metadata, file info and protocol sp=
ecific records through JSON.
> for further informations please see --> https://suricata.readthedocs.io/en/=
suricata-4.1.2/output/eve/index.html .
>=20
> Signed-off-by: Erik Kapfer <ummeegge(a)ipfire.org>
> ---
> lfs/suricata | 2 ++
> 1 file changed, 2 insertions(+)
>=20
> diff --git a/lfs/suricata b/lfs/suricata
> index 310920606..6f779d875 100644
> --- a/lfs/suricata
> +++ b/lfs/suricata
> @@ -80,6 +80,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> 		--enable-nfqueue \
> 		--disable-static \
> 		--disable-python \
> +		--with-libjansson-libraries=3D/usr/lib \
> +		--with-libjansson-includes=3D/usr/include \
> 		--disable-suricata-update
> 	cd $(DIR_APP) && make $(MAKETUNING)
> 	cd $(DIR_APP) && make install
> --=20
> 2.12.2
>=20


--===============6796018437497862386==--