suricata-eve-sqlite-output: use separate thread

ANSSI-FR · Aug 5, 2024 · 37e817a · 37e817a
1 parent a8d77b9
commit 37e817a
Show file tree

Hide file tree

Showing 6 changed files with 201 additions and 1,231 deletions.
diff --git a/suricata/entrypoint.sh b/suricata/entrypoint.sh
@@ -10,7 +10,6 @@ suricata --runmode=single --no-random -k none \
     --set plugins.0=suricata/libeve_sqlite_output.so \
     --set outputs.0.fast.enabled=no \
     --set outputs.1.eve-log.filetype=sqlite \
-    --set outputs.1.eve-log.filename=suricata/output/eve.db \
     --set outputs.1.eve-log.pcap-file=${PCAP_FILE:=true} \
     --set outputs.1.eve-log.types.3.http.dump-all-headers=both \
     --set outputs.1.eve-log.types.6.files.force-hash.0=sha256 \