Snort mailing list archives
Re: Changing name and file size limit of ALERT output file
From: "praveen_recker ." <praveen_recker () sify com>
Date: Thu, 27 Sep 2012 18:57:42 +0530
Hi Abhishek, You can use logrorate command on linux.......which automatically rotates mentioned files based upon your criteria/configuration. Best Regards, Praveen Darshanam On Thu, Sep 27, 2012 at 6:29 PM, Abhishek Sharma <abhisheksharma84 () gmail com
wrote:
Hello All, Apologies if the question is too trivial. I am running snort, lets say on a given pcap file using the following command line argument - snort -c /etc/snort/snort.conf -A fast -l /tmp/ -r ABCDE.pcap Everything runs fine and I get an alert file in the /tmp directory. My question is, that is there a way to - 1). Change the name of the file being created. Say if I want the file name to be alert_myname? 2). Is there a way to create multiple alert files based on a given size? Say can I restrict it to 100KB? so after every 100KB I get a new alert file (without deleting/overwriting the existing)? Or is the only way out is by playing around with code? Any help is much appreciated. Many Thanks. Abhi ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://ad.doubleclick.net/clk;258768047;13503038;j? http://info.appdynamics.com/FreeJavaPerformanceDownload.html _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://ad.doubleclick.net/clk;258768047;13503038;j? http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Changing name and file size limit of ALERT output file Abhishek Sharma (Sep 27)
- Re: Changing name and file size limit of ALERT output file praveen_recker . (Sep 27)