RE: logging traffic

["Kevin Binsfield" <kbinsfield () iosintegrated com>]

Multilog, part of D. J. Bernstein's daemontools rotates logs read from stdin
and also timestamps more accurately.

http://cr.yp.to/daemontools/multilog.html


Date: Wed, 13 Aug 2003 20:16:54 -0400 (EDT)
From: Erek Adams <erek () snort org>
To: Faiz Ahmad Shuja <faizshuja () yahoo it>
cc: zidan () popmail com, snort-users () lists sourceforge net
Subject: RE: [Snort-users] logging traffic

On Thu, 14 Aug 2003, Faiz Ahmad Shuja wrote:

> Yes, I think you can. Anyone please correct if I am wrong. You can limit
> file size by using unified output plugin.

Close, but not quite.  He wanted files to be rotated every time they
reached a certain size.  Unified doesn't do that.  The limit is the max
size of the file.  Once the size is reached, the file pointer wraps around
and starts filling up again from the 'front' of the file.  I think I've
heard things like that referred to as a 'circular file'.

Cheers!

-----
Erek Adams

   "When things get weird, the weird turn pro."   H.S. Thompson




-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users