Snort mailing list archives

Re: alert file, database output?!?!

From: "Federico Lombardo" <egopfe () hotmail com>
Date: Thu, 16 Jan 2003 09:41:13 +0100

I've already checked  mailing list.

The problem is that logging rules described in my snort.conf send all to a
database, I don't mentione about an alert file, so It's strange that snort
logs to a database for normal alerts, and for bad traffic evasion and
insertion alert to a file, doesn't it ?


----- Original Message -----
From: "Robby Desmond" <rdesmond () els ucsb edu>
To: "Federico Lombardo" <egopfe () hotmail com>
Sent: Thursday, January 16, 2003 12:20 AM
Subject: Re: [Snort-users] alert file, database output?!?!

Don't remember about the alerts in files, but it's on the list, search
marc.theaimsgroups.com with google.

As for the BAD packets, that's the preprocessor asn1.

-Robby

Robert Desmond
Systems Administrator
UCSB Extended Learning Services
805-893-4906



-------------------------------------------------------
This SF.NET email is sponsored by: A Thawte Code Signing Certificate 
is essential in establishing user confidence by providing assurance of 
authenticity and code integrity. Download our Free Code Signing guide:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0028en
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

alert file, database output?!?! Federico Lombardo (Jan 15)
- <Possible follow-ups>
- Re: alert file, database output?!?! Federico Lombardo (Jan 16)
  - Re: alert file, database output?!?! Erek Adams (Jan 16)