Re: snort-1.8.7 and alert file

[Michael Scheidell <scheidell () secnap net>]

> Em Fri, Aug 02, 2002 at 10:56:57AM -0400, Michael Scheidell escreveu:
> > I have ended up needing one copy of snort (which outputs TWO unified files)
> > and two copies of barnyard with two different config files.
> >
> > What I would want to do is to have snort create a unified file with both log
> > and alerts in it.
>
> I don't understand these too. Doesn't log contain alerts as well?

a binary look at file (using beav) seems to indicate it keeps logs and
alerts, so, yes, snort will put both in (i think) however, there is no way
for me to double check this.  Daemon mode, one shot mode, special,
specific barnyard.conf in one shot mode fails to produce any 'alerts' form
log.* baryard unified files.

-- 
Michael Scheidell, CEO
SECNAP Network Security, LLC 
Sales: 866-SECNAPNET / (1-866-732-6276)
Main: 561-368-9561 / www.secnap.net
Looking for a career in Internet security?
http://www.secnap.net/employment/


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users