![snort logo](/images/snort-logo.png)
Snort mailing list archives
Re: alert file, database output?!?!
From: Erek Adams <erek () snort org>
Date: Thu, 16 Jan 2003 10:13:14 -0500 (EST)
On Thu, 16 Jan 2003, Federico Lombardo wrote:
I've already checked mailing list.
Oh, really? Hrm....
The problem is that logging rules described in my snort.conf send all to a database, I don't mentione about an alert file, so It's strange that snort logs to a database for normal alerts, and for bad traffic evasion and insertion alert to a file, doesn't it ?
Nope. It's the difference in alert vs. log. Have a look [0]. ----- Erek Adams "When things get weird, the weird turn pro." H.S. Thompson [0] http://marc.theaimsgroup.com/?l=snort-users&m=101206451617790&w=2 http://www.theadamsfamily.net/~erek/snort/logging_methods.txt ------------------------------------------------------- This SF.NET email is sponsored by: Thawte.com Understand how to protect your customers personal information by implementing SSL on your Apache Web Server. Click here to get our FREE Thawte Apache Guide: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0029en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- alert file, database output?!?! Federico Lombardo (Jan 15)
- <Possible follow-ups>
- Re: alert file, database output?!?! Federico Lombardo (Jan 16)
- Re: alert file, database output?!?! Erek Adams (Jan 16)