Snort mailing list archives
Re: problem with alert_syslog and internal statistics...
From: Bamm Visscher <bamm () satx rr com>
Date: Thu, 13 Feb 2003 13:41:05 -0600
If you start snort w/o -D then, IIRC, stats are sent to stdout. Bammkkkk On Thu, Feb 13, 2003 at 10:55:24AM -0800, Bob Hoffmaster wrote:
Internal statistics are not being written to the syslog facility. (I have been searching the archives for this problem, but, no luck) Snort alert messages and PID are successfully being written to the /var/adm/messages BUT when I 'kill -USR1 <snort pid>', the internal statistics summary information is not written to the /var/adm/messages file. Starting snort this way: 'snort -c /snort.conf' and/or 'snort -N -c /snort.conf my snort.conf has this entry: output alert_syslog: LOG_AUTH LOG_ALERT LOG_PID my syslog.conf file (Solaris OS) has this entry: *.alert /var/adm/messages Any suggestions would be appreciated. Bob Hoffmaster
------------------------------------------------------- This SF.NET email is sponsored by: FREE SSL Guide from Thawte are you planning your Web Server Security? Click here to get a FREE Thawte SSL guide and find the answers to all your SSL security issues. http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0026en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- problem with alert_syslog and internal statistics... Bob Hoffmaster (Feb 13)
- Re: problem with alert_syslog and internal statistics... Matt Kettler (Feb 13)
- Re: problem with alert_syslog and internal statistics... Bamm Visscher (Feb 13)
- Re: problem with alert_syslog and internal statistics... Erek Adams (Feb 13)