Snort mailing list archives
Re: Repost: Syslog, but I don't want it
From: Fyodor <fygrave () tigerteam net>
Date: Sat, 2 Jun 2001 17:02:49 +0700
On Fri, Jun 01, 2001 at 10:10:10AM -0500, Marc Thompson wrote:
Joe, You recommended that I run snort without the -D (Daemon-mode) option. I tried this, ran nmap, alerts fired but weren't sent to syslog. This is the behavior that I want, so your idea worked. So, it seems that running snort in Daemon mode enables syslog logging via the LOCAL facility. I imagine that this is by design.
By design only errors and warnings are logged via syslog if it's running in daemon mode.
What do you recommend I try next? Bug report? Enhancement Request?
Well, if you chould show us relevant snippets of the configuration file, so we could reproduce 'the bug', it would be helpful indeed. :) _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Repost: Syslog, but I don't want it Marc Thompson (May 31)
- Re: Repost: Syslog, but I don't want it Joe McAlerney (May 31)
- <Possible follow-ups>
- RE: Repost: Syslog, but I don't want it Marc Thompson (Jun 01)
- Re: Repost: Syslog, but I don't want it Fyodor (Jun 02)
- {off-topic} Who goes 2 Defcon9 Cedric (Jun 02)
- Re: {off-topic} Who goes 2 Defcon9 Fyodor (Jun 02)
- RE: {off-topic} Who goes 2 Defcon9 Ofir Arkin (Jun 02)
- Re: {off-topic} Who goes 2 Defcon9 Martin Roesch (Jun 03)
- RE: Repost: Syslog, but I don't want it Neil Dickey (Jun 01)
- RE: Repost: Syslog, but I don't want it Marc Thompson (Jun 01)
- RE: Repost: Syslog, but I don't want it Neil Dickey (Jun 01)
- RE: Repost: Syslog, but I don't want it Marc Thompson (Jun 03)