-
Notifications
You must be signed in to change notification settings - Fork 285
Troubleshooting and Logs
Peter Manev edited this page Aug 18, 2017
·
19 revisions
If things are not working as expected or you are experiencing some trouble and would like to have a further look please find below SELKS's major components log locations:
Log files and folders:
/var/log/suricata.log /var/log/suricata/stats.log /var/log/suricata/core/
The folder /var/log/suricata/core/ will contain any core dumps in case of a segfault. Further reading on what to do and how to report Suricata bugs.
Log files:
/var/log/elasticsearch/elasticsearch.log
Unassigned shards:
https://www.elastic.co/guide/en/elasticsearch/reference/current/cat-shards.html
Log files:
/var/log/logstash/logstash.log