Snort mailing list archives
(no subject)
From: "Roger Parx" <n8wrk () msn com>
Date: Tue, 24 Sep 2002 16:25:18 -0500
Hi I am new to Snort and have a few nagging questions for the merciful person who can spare time to reply to this mesage. 1) I set Snort1.8 to run on a Redhat linux7.2 based machine over the week-end and found snort halted on monday with the following message on screen: Received signal 3, exiting. Is that a default timeout programmed into snort to prevent it from running for prolonged time? How is it different from the "Received signal 2, exiting" signal that we get when we exit snort using Ctrl+C. 2) How can I search the content of multiple log files/folders simultaneously for a string? For example after I have logged sufficient traffic using the command: snort -dev ./snortlog ( snortlog is the folder I want to log thetraffic in ) how can I search through the traffic of a range of ip addresses, which are saved in folders (named after the ip addresses) Thank you RogerGet more from the Web. FREE MSN Explorer download : http://explorer.msn.com
Current thread:
- Just one match could cover serious attack, (continued)
- Just one match could cover serious attack Alvaro Lillo (Aug 25)
- Re: Just one match could cover serious attack John Sage (Aug 25)
- Just one match could cover serious attack Alvaro Lillo (Aug 25)
- (no subject) S.M.Karthik (Aug 26)
- (no subject) Lionel Fairon (Aug 28)
- Re: (no subject) Roman Danyliw (Sep 05)
- (no subject) Marc Dreher (Sep 06)
- Issue with barnyard & unified alert log file Marc Dreher (Sep 06)
- (no subject) Earl D. Fife (Sep 11)
- (no subject) Sergg B. (Sep 15)
- (no subject) snort bsd (Sep 22)
- (no subject) Roger Parx (Sep 24)
- RE: (no subject) Wayne T Work (Sep 24)
- Re: (no subject) Joe Giles (Sep 24)
- (no subject) Lakshmi (Sep 25)
- (no subject) 赵光明 (Sep 28)