Snort mailing list archives

Re: Snort Logs

From: Demetri Mouratis <dmourati () cm math uiuc edu>
Date: Wed, 17 Sep 2003 13:31:43 -0500 (CDT)


On Wed, 17 Sep 2003, Keaton, Lindamaria wrote:

Hello,

I'm running snort 2.0 on Linux 9.0. Does anyone know how to rotate
/var/log/snort/alert when it reaches certain size?

You could use logrotate with the size option for this.

       "/var/log/snort/alert" {
           rotate 30
           size=100k
           postrotate
                                kill -HUP `pidof /usr/local/bin/snort`
           endscript
       }

And upgrade to snort 2.0.1 while you are at it.
---------------------------------------------------------------------
Demetri Mouratis
dmourati () linfactory com



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Snort Logs Keaton, Lindamaria (Sep 17)
- Re: Snort Logs Demetri Mouratis (Sep 17)
- <Possible follow-ups>
- RE: Snort Logs Keaton, Lindamaria (Sep 17)
  - Re: Snort Logs Michael Sconzo (Sep 17)
  - RE: Snort Logs Demetri Mouratis (Sep 17)
- RE: Snort Logs Grejda, Eric (Sep 18)
- Re: Snort Logs Marc Quibell (Sep 18)
- RE: Snort Logs Esler, Joel Contractor (Sep 18)
- Re: Snort Logs John Creegan (Sep 18)