Snort mailing list archives

Re: snort not logging to log files..

From: Erek Adams <erek () theadamsfamily net>
Date: Fri, 19 Apr 2002 10:51:39 -0700 (PDT)

On Fri, 19 Apr 2002, Ross Tsolakidis wrote:

[...snip...]

I've run countless scans on the network and the host machine and I get
nothing in the logs..   /var/log/snort/
The strange thing about it is there are files in that dir but the size of
all the files is 0, they have nothing in them, but more files keep getting
added, empty ones !
I've also set snort up to email me daily, and all I get are blank emails,
I'm sure it's related to the blank files in /var/log/snort !

Can anyone shed any light on what's going on here...


Are you on a switched net?  If so, you might not see what you expect[0].  Are
you on a "dual speed hub" or "autoswitching hub?"?  Again, you might not see
what you expect[1].  What does the command line to snort look like?  IOW, what
does /etc/init.d/snort start _really_ 'do'?  Did you edit and configure the
snort.conf file?  What version of snort?  Did you build your own or use the
.deb version?

Just playing hunches/"law of averages"...  :)

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net

[0]     http://www.snort.org/docs/faq.html#1.8
[1]     http://www.snort.org/docs/faq.html#6.21


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

snort not logging to log files.. Ross Tsolakidis (Apr 19)
- Re: snort not logging to log files.. Erek Adams (Apr 19)
- <Possible follow-ups>
- RE: snort not logging to log files.. Ross Tsolakidis (Apr 22)
  - RE: snort not logging to log files.. Erek Adams (Apr 22)