---
title: "[bojemoi] suricata: rotate eve.json hourly, add eve-cleaner sidecar (24h retention)"
date: 2026-02-20T16:39:48+01:00
draft: false
tags: ["commit", "bojemoi", "main"]
categories: ["Git Activity"]
summary: "Commit 3c0dd23 par Betty dans bojemoi"
author: "Betty"
---

## Commit `3c0dd23`

| | |
|---|---|
| **Repository** | bojemoi |
| **Branch** | `main` |
| **Author** | Betty |
| **Hash** | `3c0dd2318ac8d164cd2c1e6cc35ad16d392bad89` |


### Description

- suricata.yaml: filetype regular -> rotating, rotate-interval: 1h
  Creates eve.<timestamp>.json files hourly instead of one growing file
- dozor stack: add eve-cleaner service (alpine) that deletes rotated
  eve.json files older than KEEP_HOURS=24h, runs every hour

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

### Files Changed

```
M	stack/48-service-dozor.yml
M	volumes/suricata/suricata.yaml
```

### Diff Summary

```
 stack/48-service-dozor.yml     | 38 ++++++++++++++++++++++++++++++++++++++
 volumes/suricata/suricata.yaml |  3 ++-
 2 files changed, 40 insertions(+), 1 deletion(-)
```