Bug 1396151

Summary: Rotate /var/log/suricata/eve.json
Product: [Fedora] Fedora Reporter: Jason Ish <ish>
Component: suricataAssignee: Steve Grubb <sgrubb>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: athmanem, fedora, jmlich83, jtfas90, sgrubb
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: suricata-3.2.1-1.el7 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-02-22 14:51:12 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Patch to rotate eve.json. none

Description Jason Ish 2016-11-17 15:19:37 UTC 
Created attachment 1221594 [details]
Patch to rotate eve.json.

Description of problem:

Suricata logs to /var/log/suricata/eve.json by default, but the packaged suricata.logrotate only rotates *.log.
Comment 1 Steve Grubb 2017-02-13 14:43:54 UTC 
Thanks for reporting the issue. Fixed in the suricata-3.2-1 build.
Comment 2 Fedora Update System 2017-02-13 15:03:15 UTC 
suricata-3.2-1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-d118c5820e
Comment 3 Fedora Update System 2017-02-13 15:03:26 UTC 
suricata-3.2-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-272ded2e71
Comment 4 Fedora Update System 2017-02-13 15:03:36 UTC 
suricata-3.2-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2017-6776778fe7
Comment 5 Fedora Update System 2017-02-13 23:19:26 UTC 
suricata-3.2-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-272ded2e71
Comment 6 Fedora Update System 2017-02-13 23:50:06 UTC 
suricata-3.2-1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-6776778fe7
Comment 7 Fedora Update System 2017-02-14 00:54:08 UTC 
suricata-3.2-1.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-d118c5820e
Comment 8 Fedora Update System 2017-02-16 19:35:27 UTC 
suricata-3.2.1-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8e1a030633
Comment 9 Fedora Update System 2017-02-17 21:18:43 UTC 
suricata-3.2.1-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-8e1a030633
Comment 10 Fedora Update System 2017-02-22 14:51:12 UTC 
suricata-3.2.1-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.