Snort mailing list archives

Previous By Date Next
Previous By Thread Next

"File size limit exceeded" message...

From: Peter Bates <peter.bates () lshtm ac uk>
Date: Wed, 19 Sep 2001 11:35:14 +0100

Hello all...

Snort 1.8.1 on Linux (fairly stock RH 7.1),
logging to MySQL with ACID...

I made the mistake today of tinkering with the
configuration, when all was running smoothly...

Now it doesn't start up in the background,
so I tried running it in the foreground, and get:

<snip>
Rule application order: ->pass->activation->dynamic->alert->log

        --== Initialization Complete ==--

-*> Snort! <*-
Version 1.8.1-RELEASE (Build 74)
By Martin Roesch (roesch () sourcefire com, www.snort.org)
File size limit exceeded

... err??? Anyone any idea what this message means?

Ohh... I'm also logging to syslog and to a file
in /var/log/snort, as well...

du -sh /var/log/snort/*
37M     /var/log/snort/alert
44M     /var/log/snort/portscan.log

naturally the log-files have sort of, well, got a bit
bigger with the arrival of first Code Red, and then Nimda... :)


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: