Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: alert file, database output?!?!

From: Erek Adams <erek () snort org>
Date: Thu, 16 Jan 2003 10:13:14 -0500 (EST)
On Thu, 16 Jan 2003, Federico Lombardo wrote:


I've already checked  mailing list.


Oh, really?  Hrm....


The problem is that logging rules described in my snort.conf send all to a
database, I don't mentione about an alert file, so It's strange that snort
logs to a database for normal alerts, and for bad traffic evasion and
insertion alert to a file, doesn't it ?


Nope.  It's the difference in alert vs. log.  Have a look [0].

-----
Erek Adams

   "When things get weird, the weird turn pro."   H.S. Thompson


[0]     http://marc.theaimsgroup.com/?l=snort-users&m=101206451617790&w=2
        http://www.theadamsfamily.net/~erek/snort/logging_methods.txt


-------------------------------------------------------
This SF.NET email is sponsored by: Thawte.com
Understand how to protect your customers personal information by implementing
SSL on your Apache Web Server. Click here to get our FREE Thawte Apache 
Guide: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0029en
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: