Snort 3 - unknown table data_log

[Y M via Snort-devel <snort-devel () lists snort org>]

Hello,

Hope everybody is safe, and congratulations on the Snort 3 beta release.

Running Snort 3.0.1 build 2, the data_log inspector does not appear to be listed in Snort start output, and there are 
no logs generated. Snort extra is installed and I don't receive any errors, but running Snort with the --warn-all flag, 
generates the below warning:

WARNING: /usr/local/snort/etc/snort/snort.lua: unknown table data_log

Snort version:

# /usr/local/snort/bin/snort -V

   ,,_     -*> Snort++ <*-
  o"  )~   Version 3.0.1 (Build 2)
   ''''    By Martin Roesch & The Snort Team
           http://snort.org/contact#team
           Copyright (C) 2014-2020 Cisco and/or its affiliates. All rights reserved.
           Copyright (C) 1998-2013 Sourcefire, Inc., et al.
           Using DAQ version 3.0.0
           Using LuaJIT version 2.1.0-beta3
           Using OpenSSL 1.1.1c FIPS  28 May 2019
           Using libpcap version 1.9.0-PRE-GIT (with TPACKET_V3)
           Using PCRE version 8.42 2018-03-20
           Using ZLIB version 1.2.11
           Using FlatBuffers 1.12.0
           Using Hyperscan version 5.2.1 2020-04-28
           Using LZMA version 5.2.4

Snort Extra build steps:

# export PKG_CONFIG_PATH=/usr/local/snort/lib64/pkgconfig:$PKG_CONFIG_PATH
# ./configure_cmake.sh --prefix=/usr/local/snort/extra
# cd build/
# make && make install

data_log configuration:

data_log =
{
    key = 'http_request_header_event',
    limit = 100
}

Did the way building/installing Snort extra change?

Thank you.
YM

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!