Snort mailing list archives
-s switch
From: "Donald Heffernan" <donheff () excite com>
Date: Thu, 21 Aug 2003 07:30:58 -0400 (EDT)
Is the -s switch still a feature? I have been using Snort for years in a very low tech way on my home network. I don't have it hooked into a DB. I simply modified a copy of Andy Swan's snort2html and used that to generate a html file from alerts posted to /var/log/secure with the -s switch. I just upgraded to a 2.x version of Snort and find that no alerts are going to var/log/secure when I start it with the -s switch. Can I still do this? Does anyone have a simple script for quickly viewing alerts from /var/log/snort or from alert_fast? I don't have enough to need much. Don _______________________________________________ Join Excite! - http://www.excite.com The most personalized portal on the Web! ------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- -s switch Donald Heffernan (Aug 22)