Re: snort-1.8.7 and alert file

[<bthaler () webstream net>]

OK.  I missed that one, thanks.

Now, since my command-line "-N" is overriding my snort.conf's "output log_unified", I'm getting no logging at all.

How do I either specify spo_unified on the command-line, or specify the "-N" in snort.conf?

(Strangely, I'm getting 30% packet loss now.....interesting)



Regards,

Brad T. 




----- Original Message ----- 
From: "Erek Adams" <erek () theadamsfamily net>
To: <bthaler () webstream net>
Cc: <snort-users () lists sourceforge net>
Sent: Tuesday, July 30, 2002 10:12 AM
Subject: Re: [Snort-users] snort-1.8.7 and alert file


> On Tue, 30 Jul 2002 bthaler () webstream net wrote:
>
> > Well, this is driving me nuts.
>
> [...snip...]
>
> > Is there any for me to disable the writing of this file?  I'm sure it would
> > do wonders for my packet loss problem.
>
> Yeppers.
>
> > From the man page:
>
> [...]
>
>      -N   Turn off packet logging.  The program  still  generates
>           alerts normally.
>
> [...]
>
> Cheers!
>
> -----
> Erek Adams
> Nifty-Type-Guy
> TheAdamsFamily.Net



-------------------------------------------------------
This sf.net email is sponsored by: Dice - The leading online job board
for high-tech professionals. Search and apply for tech jobs today!
http://seeker.dice.com/seeker.epl?rel_code=31
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users