Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Alert file exceeds 2GB

From: Erek Adams <erek () snort org>
Date: Mon, 21 Apr 2003 14:15:59 -0400 (EDT)
On Thu, 17 Apr 2003, Erick Mechler wrote:


:: The problem that I'm running into is importing a snort log file in
:: tcpdump format into a mysql db using snort.  While importing this log
:: the alert file grows to the filesystem 2GB limit and then exits.  My
:: question is why does it write to the alert file when I'm importing into
:: mysql.  The snort.conf file that I'm using only has this for the output
:: line:

This question has been answered a couple times on the list previously.
Please check the archives and you should find what you're looking for.


Actually, that wasn't his question.  His question was 'Why does it (snort)
write to the alert file when I'm importing into MySQL?'.  The 2GB file
limit has been beaten to death, yes.  :)

Dusty, you need to turn off alerting/logging.  Try using '-A none' or '-N'
and see if one of those fixes it.

Cheers!

-----
Erek Adams

   "When things get weird, the weird turn pro."   H.S. Thompson


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: