---
title: "[bojemoi] suricata: rotate eve.json hourly, add eve-cleaner sidecar (24h retention)"
date: 2026-02-20T16:39:48+01:00
draft: false
tags: ["commit", "bojemoi", "main"]
categories: ["Git Activity"]
summary: "Commit 3c0dd23 by Betty in bojemoi"
author: "Betty"
---

## Commit `3c0dd23`

| | |
|---|---|
| **Repository** | bojemoi |
| **Branch** | `main` |
| **Author** | Betty |
| **Hash** | `3c0dd2318ac8d164cd2c1e6cc35ad16d392bad89` |

### Description

- suricata.yaml: filetype regular -> rotating, rotate-interval: 1h
  Creates eve.<timestamp>.json files hourly instead of one growing file
- dozor stack: add eve-cleaner service (alpine) that deletes rotated
  eve.json files older than KEEP_HOURS=24h, runs every hour

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

### Files Changed

```
M stack/48-service-dozor.yml
M volumes/suricata/suricata.yaml
```

### Diff Summary

```
 stack/48-service-dozor.yml     | 38 ++++++++++++++++++++++++++++++++++++++
 volumes/suricata/suricata.yaml |  3 ++-
 2 files changed, 40 insertions(+), 1 deletion(-)
```