Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Going from Preprocessor portscan2 to flow-portscan

From: Bill Warren <bwarren () optivel com>
Date: Wed, 04 Aug 2004 13:16:32 -0500
With portscan2 when there was a portscan the file /var/log/snort/scan.log was created and I would get
01/05-14:08:15.373424 UDP src: 192.160.160.211 dst: 192.160.160.34 sport: 202 dport: 105 tgts: 3 ports: 25 event_id: 769354
Now that I switched I don't get that log anymore. It only updates the scan.log. I have read README.flow-portscan and don't see how to have the log updated. Anybody have any ideas? 

I was running 2.0.0 and now I am running 2.1.3 on Linux.

Thanks,
Bill

--


**********************************
Bill Warren
Optivel, Inc.
E-mail: bwarren () optivel com
Voice:  317.275.2305
Fax:    317.275.2301
Web:    http://www.optivel.com
**********************************


-------------------------------------------------------
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: