2 questions

["Basil Saragoza" <snortlst () hotmail com>]

snort 1.8.3

1. In the log file I see only ICMP traffic...weird. Any reason for that?
2. I configured snort to log to my sql but snort wouldn't start if log directory  (var/snort/log) is not specified in 
snort.conf. This way it logs to both places: mysql db and alert file in /var/log/snort. - Is it possible to disable 
logging to /var/snort/log?
thanks.