Snort mailing list archives
RE: how do I stop snort logging to /var/log/snort a nd only the database?
From: Erik Melander <Emelander () wyndham com>
Date: Sat, 27 Oct 2001 15:06:57 -0500
I have removed that line in the past without any success. The reason it is there so my normal log monitoring programs can page me out when certain events occur. Thanks for the suggestion though! -----Original Message----- From: Martijn Heemels [mailto:martijn () heemels com] Sent: Saturday, October 27, 2001 3:05 PM To: Erik Melander; snort-users () lists sourceforge net Subject: RE: [Snort-users] how do I stop snort logging to /var/log/snort and only the databa se? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Erik, isn't that simply a matter of removing the first output line you're using so that only the database output remains? I'm not entirely sure, since I'm not logging to a db. Hope this helps, Martijn
output alert_syslog: LOG_AUTH LOG_ALERT LOG_PID output database: alert, mysql, user=XXXXXX password=XXXXXX dbname=snort host=localhost sensor_name=XXXXXX
-----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBO9sTaBLMC0rbivl4EQJQZQCgxsrATq1wuEi0dSHmKtbMKCn9GmQAoP8Q qdZ5N5RK1Iu2OXT97mPXAxrz =Vv6o -----END PGP SIGNATURE----- _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: how do I stop snort logging to /var/log/snort a nd only the database? Erik Melander (Oct 27)
- Re: how do I stop snort logging to /var/log/snort and only the database? Andrew R. Baker (Oct 29)