intrusion detection: default syslog level seems to be Error, not Info

So do the sensible thing and use Notice which is what global logging
is currently using in the hopes to align syslog with eve log.

Completely unsure if this helps though.  The docs don't describe this
and nobody else tinkering with suricata.yaml came up with a solution?

PR: https://forum.opnsense.org/index.php?topic=10140.0
Franco Fichtner 2018-11-09 07:25:39 +01:00
parent 25e8f92932
commit a83e72acf1

@ -245,8 +245,8 @@ outputs:
# suricata) will be used.
#identity: "suricata"
facility: local5
#level: Info ## possible levels: Emergency, Alert, Critical,
## Error, Warning, Notice, Info, Debug
level: Notice ## possible levels: Emergency, Alert, Critical,
## Error, Warning, Notice, Info, Debug
# a line based information for dropped packets in IPS mode
- drop:
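Review bot: The active `level: Notice` line carries no comment saying why Notice was picked over the previously commented-out Info, or that leaving the key unset appears to result in Error. A one-line comment above the key, stating that the value is meant to match the global logging level, would save the next person editing this template the same investigation. The hunk also does not make clear whether `level` is a filter threshold or the priority stamped on each record sent to `facility: local5`. Since the commit message says the effect is unconfirmed, it is worth checking on a test install that alert lines actually arrive on local5 with this setting, and recording the result in the forum topic referenced in the commit message.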