Snort mailing list archives
Re: alert log size
From: Darek Milewski <darek () nyi net>
Date: Mon, 28 Oct 2002 07:55:31 -0500
Look into log rotation. I am using FreeBSD and under /etc/newsyslog.conf I can specify /var/log/snort/alert.log 644 4 10000 * Z which would zip up the log if it reached 10MB and chmod it 644, and rename it to alert.0.gz. Not sure what the equivalent in your operating system would be. Billy Tsui (boomhq) wrote:
Dear all, Our snort always auto. stop when the alert log file (/var/log/snort/alert) size is 2G. Is it limited the size? Billy ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- alert log size Billy Tsui (boomhq) (Oct 28)
- Re: alert log size Darek Milewski (Oct 28)