Snort mailing list archives
RE: unix time appended to snort log
From: Steven Wo <mrvinci () yahoo com>
Date: Thu, 9 Jan 2003 23:49:30 -0800 (PST)
Hmmm. I guess it sounds like it isn't possible to drop the unix time being appended to the log files if I'm using the -l and -L flags. I have multiple interfaces and a specific naming scheme... Oh well, thanks! Steven --- "Gonzalez, Albert" <albert.gonzalez () eds com> wrote:
If you want to just log to /var/log/snort/alert that is the default logging mechanism... so just drop -l and -L ..... Cheers! Alberto Gonzalez Intrusion Detection Systems - GSOC Security and Privacy Professional Services -----Original Message----- From: Steven Wo [mailto:mrvinci () yahoo com] Sent: Wednesday, January 08, 2003 5:55 PM To: snort-users () lists sourceforge net Subject: [Snort-users] unix time appended to snort log Hi guys, I am currently running snort 1.9.0 on the latest FreeBSD stable. Snort 1.9.0 outputs log files in the following format: name.unix time. For example: at the command line, I type "snort -i <interface> -l /var/log/snort/<interface> -L example" The log files will then be named "example.1042063205" Question: Is there a way to have snort NOT append the log file with unix time? As it formally did in snort 1.8.6? If not, is this planned functionality? Thanks! Steven __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
-------------------------------------------------------
This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- unix time appended to snort log Steven Wo (Jan 09)
- <Possible follow-ups>
- RE: unix time appended to snort log Gonzalez, Albert (Jan 09)
- RE: unix time appended to snort log Steven Wo (Jan 10)