Re: -l parameter

[Dirk Geschke <Dirk () geschke-online de>]

Hi Adam,

> Is the -l (that's an L) parameter required?  I log to a db so I don't
> want to log to disk but for some reason, whether I use the -l
> parameter or not, Snort is "detecting" my previously specified log
> directory and writing to disk.  My disk isn't very big so I can't
> afford to log to disk.  I have no output options logging locally.
> Just 1 line in snort.conf for output:
>
> output database: alert, mysql, user=zzz password=zzz dbname=zzz
> host=zzz sensor_name=zzz

I guess all you need is the option "-N". You still need a log 
directory for snort but it won't be used. But all alerts will 
be send to the database via the output plugin.

Best regards

Dirk



-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users