Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: (no subject)

From: "Wayne T Work" <securitygauntlet () snet net>
Date: Tue, 24 Sep 2002 18:01:04 -0400
The log search issue is performed by using the command "grep" or utilizing a
log viewer. Ya can get plenty of those at www.linux.org under Applications.
  -----Original Message-----
  From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net]On Behalf Of Roger Parx
  Sent: Tuesday, September 24, 2002 5:25 PM
  To: snort-users () lists sourceforge net
  Subject: [Snort-users] (no subject)


  Hi
    I am new to Snort and have a few nagging questions for the merciful
person who can spare time to reply to this mesage.

  1) I set Snort1.8 to run on a Redhat linux7.2 based machine over the
week-end and found snort halted on monday with the following message on
screen: Received signal 3, exiting.
  Is that a default timeout programmed into snort to prevent it from running
for prolonged time?
  How is it different from the "Received signal 2, exiting" signal that we
get when we exit snort using Ctrl+C.


  2) How can I search the content of multiple log files/folders
simultaneously for a string?
  For example after I have logged sufficient traffic using the command:
snort -dev ./snortlog
  ( snortlog is the folder I want to log thetraffic in )
  how can I search through the traffic of a range of ip addresses, which are
saved in folders (named after the ip addresses)

  Thank you

  Roger


----------------------------------------------------------------------------
--
  Get more from the Web. FREE MSN Explorer download :
http://explorer.msn.com
Previous By Date Next
Previous By Thread Next

Current thread: