Re: Same question again..

[Bamm Visscher <bamm () satx rr com>]

You are not really giving us enough info to diagnose the exact problem
(ie relevant info from snort.conf and the what command line switches you
are using to start snort), which is probably why no one is replying. 

The -b option will only affect "log" output. If you are in fact using
"LOG_ALERTS" as the priority for syslog output, then that may be the
problem. LOG_ALERTS is not a valid priority for syslog. Try LOG_ALERT
(no "S") and make sure syslogd is setup correctly to handle that
facility/priority combination (man syslog.conf).  

Bammkkkk

On Thu, 2002-05-23 at 14:36, C Boss wrote:
> Guys, help me out here please. This is the second time I have put out this 
> question. Is the question plain stupid or do you need more information. 
> Please let me know.
>
> "I want to log in a binary format and thus am using the -b option. I am also 
> logging all alerts to syslog. So I have something like LOG_LOCAL7 LOG_ALERTS 
> in the snort.conf file.
>
> The problem is that if I use the -b oprion with Snort, I don't see any
> alerts in the syslog.
>
> Do the two don't work together ?"
>
> Thanks.



_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users