Snort mailing list archives

Re: Doubt about rules

From: Erek Adams <erek () theadamsfamily net>
Date: Thu, 28 Feb 2002 03:49:33 -0800 (PST)

On Thu, 28 Feb 2002, koriun@ipia wrote:

*sigh*

1. Is there any snort log analiser?


http://www.snort.org/downloads.html

2. How can I log all alert msg to specified file ?? instead
of /var/adm/messages


RTFM.  It's all in there...

From the man page....


[...snip...]

     -l log-dir
          Set the output logging directory to log-dir. All  plain
          text alerts and packet logs go into this directory.  If
          this option  is  not  specified,  the  default  logging
          directory is set to /var/log/snort.

[...snip...]

Cheers!

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Doubt about rules Sonika Malhotra (Feb 28)
- Re: Doubt about rules Erek Adams (Feb 28)
- Re: Doubt about rules koriun@ipia (Feb 28)
  - Re[2]: Doubt about rules koriun@ipia (Feb 28)
  - Re: Doubt about rules Erek Adams (Feb 28)
- <Possible follow-ups>
- RE: Re[2]: Doubt about rules Ronneil Camara (Feb 28)