Snort mailing list archives
Re: Alert OR syslog?
From: Alberto Gonzalez <albertg () cerebro violating us>
Date: Thu, 05 Dec 2002 11:59:44 -0800
In your command line, you're doing binary logging (-b), full logging (-A full) and syslog (-s).
I haven't tried to do both syslog and FULL (waste of time?). When I run it with the following command snort seems to run fine:

/usr/local/bin/snort -c /etc/snort/snort.conf -I -A full -s blame_cmg -i rl0

So give that a try. I'm not sure why someone wants 3 logging mechanisms, but hey!

Cheers!
- Alberto (sorry cmg for the syslog part :-)) <grin>

Weiss, Jeffrey H. wrote:
I am wondering why I cannot get both an alert log written AND syslogging to occur.

My command line invocation:

snort -b -c /usr/local/etc/snort/snort.conf -I -A full -l /logs/UA/snort -s -i qfe0

Pertinent snort.conf(?):

output alert_syslog: LOG_ALERT

Is there something too obvious here?

Thanks!
Jeffrey Weiss
--
The secret to success is to start from scratch and keep on scratching.