diff --git a/CHANGES b/CHANGES
index bbe0cedf91..9f5288efd5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,10 @@
 
+3.2.0-dev.885 | 2020-07-10 11:20:41 -0700
+
+  * Add more error checks to shadow log parsing (Jon Siwek, Corelight)
+
+    i.e. Coverity warns about possible use of ftell() negative return value
+
 3.2.0-dev.884 | 2020-07-09 14:09:58 -0700
 
   * Add Supervisor::{stdout,stderr}_hook (Jon Siwek, Corelight)
diff --git a/VERSION b/VERSION
index 5700cf836e..4f4873ddb1 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-3.2.0-dev.884
+3.2.0-dev.885
diff --git a/src/logging/writers/ascii/Ascii.cc b/src/logging/writers/ascii/Ascii.cc
index c1646d82f5..897fd36fb9 100644
--- a/src/logging/writers/ascii/Ascii.cc
+++ b/src/logging/writers/ascii/Ascii.cc
@@ -111,9 +111,35 @@ static std::optional<LeftoverLog> parse_shadow_log(const std::string& fname)
 		return rval;
 		}
 
-	fseek(sf_stream, 0, SEEK_END);
+	int res = fseek(sf_stream, 0, SEEK_END);
+
+	if ( res == -1 )
+		{
+		rval.error = fmt("Failed to fseek(SEEK_END) on %s: %s",
+		                 rval.shadow_filename.data(), strerror(errno));
+		fclose(sf_stream);
+		return rval;
+		}
+
 	auto sf_len = ftell(sf_stream);
-	fseek(sf_stream, 0, SEEK_SET);
+
+	if ( sf_len == -1 )
+		{
+		rval.error = fmt("Failed to ftell() on %s: %s",
+		                 rval.shadow_filename.data(), strerror(errno));
+		fclose(sf_stream);
+		return rval;
+		}
+
+	res = fseek(sf_stream, 0, SEEK_SET);
+
+	if ( res == -1 )
+		{
+		rval.error = fmt("Failed to fseek(SEEK_SET) on %s: %s",
+		                 rval.shadow_filename.data(), strerror(errno));
+		fclose(sf_stream);
+		return rval;
+		}
 
 	auto sf_content = std::make_unique<char[]>(sf_len);
 	auto bytes_read = fread(sf_content.get(), 1, sf_len, sf_stream);