Re: log files

["Andrew R. Baker" <andrewb0x29a () yahoo com>]

You need to use build 77 of snort to use barnyard (available from CVS). 
This includes a change to the names of the files that spo_unified creates.
 They now look like: snort-unified.log.XXXXX, where XXXXX is the number of
seconds since epoch when the file was created.

-A


--- Adriel Navarro <anavarro () blackboard com> wrote:
> I am running snort 1.8.1 and am using the unified log format for alert
> and
> log as well as log for mysql. When snort logs to the logging directory
> it
> creats a logfile in the format of : 0831 () 1833-snort log and then creates
> multiple files based on the date and time, is there anyway to get this
> to
> log to a static snort.log or snort.alert file? I am trying out barnyard
> and
> it requires you to tell it what file to look at. My snort startup looks
> like:
>
> /opt/snort/bin/snort -c /opt/snort/etc/snort.conf -u snort -g snort -y
> -z
> est -i any -l /var/log/snort/  -o -D 
>
> ________________________
> Mr. Adriel Navarro
> Unix Systems Administrator
> Blackboard ASP
> 1899 L Street NW, Fifth Floor
> Washington, DC 20036
> anavarro () blackboard com
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users


__________________________________________________
Do You Yahoo!?
Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger
http://im.yahoo.com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users