1f63e7b7c0
However, its disabled due to issue https://redmine.openinfosecfoundation.org/issues/7236. Ticket: #7227 |
6 months ago | |
|---|---|---|
| .. | ||
| .gitignore | ||
| Makefile.in | ||
| README.md | ||
| custom-logger.c | ||
README.md
Example Custom Logging Plugin
This is an example of a low level logging plugin.
Currently implemented are packet and flow loggers.
Building
If in the Suricata source directory, this plugin can be built by
running make'.
Building Standalone
This Makefile is not generated by automake so it can serve as an example for plugins created outside of the Suricata source tree.
Building a standalone plugin has the following dependencies:
- Suricata is installed
- The Suricata library is installed:
make install-library - The Suricata development headers are installed:
make install-headers - The program
libsuricata-configis in your path (installed withmake install-library)
Modify the Makefile to use libsuricata-config.
Before building this plugin you will need to build and install Suricata from the git master branch and install the development tools and headers:
make install-librarymake install-headers
then make sure the newly installed tool libsuricata-config can be
found in your path, for example:
libsuricata-config --cflags
Then a simple make should build this plugin.
Or if the Suricata installation is not in the path, a command like the following can be used:
PATH=/opt/suricata/bin:$PATH make
Usage
To run the plugin, first add the path to the plugin you just compiled to
your suricata.yaml, for example:
plugins:
- /usr/lib/suricata/plugins/c-custom-loggers/custom-loggers.so