Snort mailing list archives
Re: manage logs in snort
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Mon, 23 Jan 2017 13:06:59 +0000
You'll need to restart Snort every night at 12:01 or something to have a different log every day. There's currently no way to roll the log daily. -- Sent from my iPhone On Jan 23, 2017, at 5:04 AM, samuel desseaux <samuel.desseaux () 6wind com<mailto:samuel.desseaux () 6wind com>> wrote: Hi, As newbie with snort, i wonder how i can manage my logs. Since Friday, i've 4 logs files, enough big and 2 only for today, that's a bit strange. -rw------- 1 snort snort 85M Jan 23 10:56 alert -rw-r--r-- 1 root root 128M Jan 20 23:08 alert.1484950122 -rw------- 1 snort snort 128M Jan 21 13:59 alert.1485003592 -rw------- 1 snort snort 128M Jan 22 04:48 alert.1485056894 -rw------- 1 snort snort 128M Jan 22 22:54 alert.1485122081 So, my questions 1) can i have one file per day? 2) can i change the name of the file (for example,"alert.1485003592" is not very clear)? 3) can i change the log level? Thank you for your help. Best regards -- ---------------------------------------------------------- Samuel Desseaux Network & System engineer 6WIND Mobile :+33 6 03 05 51 47 e-mail: samuel.desseaux () 6wind com<mailto:samuel.desseaux () wind com> ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org<http://SlashDot.org>! http://sdm.link/slashdot _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- manage logs in snort samuel desseaux (Jan 23)
- Re: manage logs in snort Joel Esler (jesler) (Jan 23)