Snort mailing list archives
Re: Snort and real-time alerting
From: waldo kitty <wkitty42 () windstream net>
Date: Mon, 28 May 2012 14:40:49 -0400
On 5/28/2012 12:14, Jeronimo L. Cabral wrote:
> Coming back to real-time monitoring of Snort, my Snort generates a lot of snort log files under /var/log/snort, and they have different names. What can I do to monitor Snort if the file name changes?
What logging type are you using? If those files are what I think they are, they are actually pcap files and you have an alert file as well...

If they are pcap files only, then you can keep them for some random X time and then delete them, unless you have something else (reporting tools) that might use them if you go back into history...

Mine are named like "snort.log.1279385047" and they range in size due to the traffic captured for alerts between Snort restarts...

So, what are you trying to use to monitor Snort via those files?
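The check described in the reply above, as an added example that is not part of the original message: it separates timestamp-suffixed pcap captures from the alert file by reading the libpcap magic number, then lists captures older than a retention window. The alert file name `alert`, the second and third sample file names, and skipping the newest capture as possibly still open are assumptions; the sample directory is constructed.

```python
import os
import re
import struct
import tempfile

# libpcap magic numbers: microsecond and nanosecond variants, both byte orders.
PCAP_MAGICS = {b"\xd4\xc3\xb2\xa1", b"\xa1\xb2\xc3\xd4",
               b"\x4d\x3c\xb2\xa1", b"\xa1\xb2\x3c\x4d"}
NAME_RE = re.compile(r"^snort\.log\.(\d+)$")  # suffix = epoch when the file was opened

def is_pcap(path):
    """True if the first four bytes are a libpcap magic number."""
    with open(path, "rb") as fh:
        return fh.read(4) in PCAP_MAGICS

def inventory(log_dir):
    """Return ([(epoch, name)] of pcaps, oldest first; [names] of everything else)."""
    pcaps, others = [], []
    for name in sorted(os.listdir(log_dir)):
        path = os.path.join(log_dir, name)
        if not os.path.isfile(path):
            continue
        m = NAME_RE.match(name)
        if m and is_pcap(path):
            pcaps.append((int(m.group(1)), name))
        else:
            others.append(name)  # alert file, or a same-named non-pcap file
    return sorted(pcaps), others

def expired(pcaps, keep_seconds, now):
    """Names of captures older than keep_seconds, never the newest one
    (assumption: Snort may still be writing to it)."""
    return [n for e, n in pcaps[:-1] if now - e > keep_seconds]

def build_sample_dir():
    """Constructed stand-in for /var/log/snort so the example runs offline."""
    d = tempfile.mkdtemp()
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for name in ("snort.log.1279385047", "snort.log.1279471447"):
        with open(os.path.join(d, name), "wb") as fh:
            fh.write(header)
    with open(os.path.join(d, "snort.log.1279500000"), "wb") as fh:
        fh.write(b"not a capture\n")  # right name, wrong content
    with open(os.path.join(d, "alert"), "w") as fh:
        fh.write("[**] constructed alert line [**]\n")
    return d

if __name__ == "__main__":
    pcaps, others = inventory(build_sample_dir())
    print("pcap captures:", pcaps)
    print("tail these instead:", others)
    print("safe to delete:", expired(pcaps, 7 * 86400, now=1279471447 + 30 * 86400))
```
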