RE: snort start

["John Berkers" <berjo () ozemail com au>]

You can reconfigure your syslog.conf to log auth.alert to another file.

Put in an entry like:

auth.=alert             -/var/log/snort.log

and be sure to remove the same logging from /var/log/messages if you do not
want it there ( auth.!=alert ).

Alternatively you can use the -l option to specify a directory for snort to
log to.  It will create a file called 'alert' for alerts and 'portscan.log'
for portscan events.

Regards,
John Berkers
berjo () ozemail com au


-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net]On Behalf Of Birkir
Björnsson
Sent: Thursday, 9 August 2001 18:55
To: snort-users () lists sourceforge net
Subject: [Snort-users] snort start


Hi everyone

I´m new to Snort just recently compiled to run with my AIX 4.3.3 system. I
want to use snort to log
with syslog options but to /var/log/snort.log not to /var/log/syslog. How
can i do this I´ve tried
snort -c snort.conf  -s /var/log/snort.log    this did not work of course.
So any ideas ..


Thanks  Birkir


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=ort-users


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users