Snort mailing list archives

Re: Snort log file size is getting huge


From: beenph <beenph () gmail com>
Date: Tue, 23 Jul 2013 11:17:15 -0400

On Tue, Jul 23, 2013 at 11:10 AM, Maged Shenouda <maged67 () hotmail com> wrote:
> I finally was able to make Snort logging work, but it is getting huge within
> 5-10 minutes?
> The snort.conf file is set as follows:
>
> output unified2: filename snort.log, limit 128
>
> But the file size continues to grow; it doesn't stop at 128 MB. What
> is wrong with it? Is that normal?
>
> Shouldn't it record only suspicious alerts and not everything?
>
> Here is the running process:
>
> ps aux | grep -i "snort"
>
> snort    16992  5.8  1.3 594500 221484 ?       Ssl  10:38   0:07 /usr/local/bin/snort -A full -b -d -D -i eth0 -u snort -g snort -c /etc/snort/snort.conf -l /var/log/snort
> root     16998  0.2  0.1 146428 22416 ?        Ss   10:38   0:00 /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -G /etc/snort/gen-msg.map -S /etc/snort/sid-msg.map -d /var/log/snort -f snort.log -w /var/log/snort/barnyard2.waldo -D
> root     17005  0.0  0.0   4404   728 pts/0    S+   10:40   0:00 grep -i snort
>
> I even tried Snort without -A and without -b, but got the same result.


Remove both arguments if you want your configuration file output directive to be
handled correctly.
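
A pre-flight check for the situation in this thread, added here as an example and not code from either poster or from the Snort project: it reports when a snort command line carries -A or -b while snort.conf has an active output directive. The function names and the sample conf are constructed, and it assumes only the value-taking switches visible in the thread's command line (-A -i -u -g -c -l) consume a value.

```shell
#!/bin/sh
# Added example, not from the thread: flag -A / -b on a snort command line
# when snort.conf also has an active output directive. Names are hypothetical.

# Print the -A / -b switches found in a snort command line, e.g. "-A -b".
# Assumption: only -A -i -u -g -c -l (seen in the thread) take a value.
snort_cli_overrides() {
    found="" skip=0
    set -f                                  # split on whitespace, no globbing
    for word in $1; do
        if [ "$skip" -eq 1 ]; then skip=0; continue; fi
        case $word in --*|[!-]*|-) continue ;; esac
        rest=${word#-}
        while [ -n "$rest" ]; do            # walk bundled flags such as -bdD
            letter=${rest%"${rest#?}"}; rest=${rest#?}
            case $letter in
                b) found="$found -b" ;;
                A|i|u|g|c|l)
                    if [ "$letter" = A ]; then found="$found -A"; fi
                    if [ -z "$rest" ]; then skip=1; fi   # value is next word
                    rest="" ;;
            esac
        done
    done
    set +f
    printf '%s\n' "${found# }"
}

# Print the active (uncommented) output directives in a snort.conf.
conf_output_directives() {
    grep -E '^[[:space:]]*output[[:space:]]+[A-Za-z0-9_]+' "$1" || true
}

# Exit status 1 when the command line carries -A/-b and the conf has outputs.
check_snort_logging() {
    overrides=$(snort_cli_overrides "$1")
    outputs=$(conf_output_directives "$2")
    if [ -n "$overrides" ] && [ -n "$outputs" ]; then
        printf 'remove %s so these directives are handled:\n%s\n' "$overrides" "$outputs"
        return 1
    fi
}

# Demo: the command line from the thread against a constructed two-line conf.
CMD='/usr/local/bin/snort -A full -b -d -D -i eth0 -u snort -g snort -c /etc/snort/snort.conf -l /var/log/snort'
CONF=$(mktemp); trap 'rm -f "$CONF"' EXIT
printf '%s\n' '# output alert_fast: alert.fast' 'output unified2: filename snort.log, limit 128' > "$CONF"
check_snort_logging "$CMD" "$CONF" || echo "conflict found"
```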
