Snort mailing list archives

SPADE alerts, but doesn't log


From: nate () riconcorp com
Date: Wed, 3 Apr 2002 17:28:51 -0800

I'm running snort 1.8.4 on a RedHat 7.2 machine.

Snort is set to log (not alert, but log) to mysql.  I set spade up and
everything works fine, except for the fact that spade sends things to the
alert facility.  so far i thought that everything that went to the alert
facility also went to the log facility, but not in this case.  if i change
my database options to alert instead of log, i see spade alerts there beyond
that point.  is there a way to keep my database set to log and have spade
utilize it?  at the moment i'm having it log to one database and alert to
another (mainly to see if there's a difference in what the two facilities
output).
so here's an even better question:  what is the real difference between the
alert facility and the log facility anyway?  i mean, what does one cover
that the other doesn't?  all the documentation i've read doesn't really
explain it.  it just says i have a choice between the two.

thanks in advance,

Nate Schindler
