Snort mailing list archives
Logging not working
From: Ed Kasky <ed () esson net>
Date: Thu, 20 Sep 2001 20:20:45 -0700
I just installed snort for the first time in hopes of using it as an IDS for our small network. I am having trouble figuring out the logging and can't find the exact answer in the archives or the docs as of yet.
Setup:
    Snort Version 1.8.1-RELEASE (Build 74)
    Redhat 6.1

I start snort with the following:

    /usr/local/bin/snort -D -c /usr/local/snort/snort.conf

From the faq:

    If you specified a logging directory with the -l parameter then that is where your files are located. If you did not specify a logging directory then Snort will log to /var/log/snort/. In the past, running Snort in daemon mode (-D) produced a file named "snort.alert". For consistency sake, this has been changed. Running Snort in both standard or daemon modes (-D) will produce a file named "alert".

However, when I start snort, the following are created depending on the date and time of course:

    0 Sep 20 20:09 0920@2009-snort.alert
    0 Sep 20 20:09 0920@2009-snort.log

...and they stay empty. There is no "alert" in /var/log/snort/

Any pointers as to where to look next are appreciated.....

Ed