Snort mailing list archives
Snort Alert File and Summary Statistics
From: Real Cucumber <monkcucumber () yahoo com>
Date: Wed, 7 Jul 2004 09:59:29 -0700 (PDT)
Hi,
Using Fedora Core 2 with snort-2.1.3-1.1, I am not
able to get it to produce any data in the "alert" file
using the following command:
snort -A full -D -l /var/log/snort/dir
It does capture all the traffic though, just doesn't
create any alerts.
I've also tried using the -c snort.conf rules thing
(using latest set of snort rules) - but that doesn't
do it either.
Reason I need the alert file is so I can do summary
analysis on the traffic using snortalog or snortsnarf
- they don't work without the alert file!
Does anyone know of a data analysis tool that will
work on the snort traffic data/directories instead of
the alert file? Or how to fix my alert file problem?
Thanks!!!
