From 60a79c822004813916d2fca43b88e701a8230de9 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Thu, 6 Mar 2014 12:34:22 +0100 Subject: [PATCH] eve-log: enable in default config In the default config, eve-log is now enabled by default. All loggers except 'drop' are enabled. --- suricata.yaml.in | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/suricata.yaml.in b/suricata.yaml.in index b71659f816..30f1936012 100644 --- a/suricata.yaml.in +++ b/suricata.yaml.in @@ -82,9 +82,9 @@ outputs: append: yes #filetype: regular # 'regular', 'unix_stream' or 'unix_dgram' - # "United" event log in JSON format + # Extensible Event Format (nicknamed EVE) event log in JSON format - eve-log: - enabled: no + enabled: yes type: file #file|syslog|unix_dgram|unix_stream filename: eve.json # the following are valid when type: syslog above @@ -103,7 +103,7 @@ outputs: force-magic: no # force logging magic on all logged files force-md5: no # force logging of md5 checksums #- drop - #- ssh + - ssh # alert output for use with Barnyard2 - unified2-alert:
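Review bot: Switching eve-log to `enabled: yes` in the shipped default means every stock install starts writing `eve.json`, and nothing in the config tells the operator what lands in that file or how it should be managed. The commit message says all loggers except drop are active, so the file will carry per-event protocol metadata, which tends to be both high-volume and sensitive. I would add a comment above `filename: eve.json`, for example `# eve.json records per-event protocol metadata; rotate it and restrict read access to the log directory`. The list of enabled types starts outside this hunk, so the exact set should be checked against the full file.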
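Review bot: `#- drop` stays commented out directly above the newly enabled `- ssh`, and the reason for that exception is given only in the commit message, not in the config a user will actually read. A trailing comment such as `#- drop  # left disabled by default; enable when running inline and dropped packets should be logged` would show that the asymmetry is deliberate. The inline/IPS rationale is my inference and should be confirmed before it goes in. The types list this entry belongs to begins outside the hunk.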