Snort mailing list archives
RE: Snort 1.9, RH 7.3 and Acid
From: Erek Adams <erek () theadamsfamily net>
Date: Mon, 7 Oct 2002 10:15:15 -0700 (PDT)
On Mon, 7 Oct 2002, Slighter, Tim wrote:
> Did you check the snort.conf file to ensure that on the output line it is using "alert" instead of "log"? Also, you may have to start snort with the -o option to change the order for snort output.

The '-o' parameter has nothing to do with the DB. You could add it, remove it and all data would still go into the DB.

Changing it from 'alert' to 'log' has nothing to do with the rules, it only has to do with the output facility. Marty gives a nice breakdown of it in an old message[0] to the list.

Josh, take a look at the ACID Install doc. There's a section on 'How to verify MySQL logging' that might be of some use.

Cheers!

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net

[0] http://www.theadamsfamily.net/~erek/snort/logging_methods.txt
[1] http://acidlab.sourceforge.net/acid_config.html