Snort mailing list archives

Snort 1.9.0 output file format default on Win2k Pro


From: Charles McCollister <cmccollister () milcorp com>
Date: Wed, 27 Nov 2002 19:31:14 -0500

I am running a Windows 2000 Professional workstation using Snort 1.9.0,
build 209, in IDS mode. After I upgraded to Snort 1.9.0 for Windows, the
output file format changed from snort-mmdd@time to snort.xxxxxxxxxx. I
understand from earlier postings that the new default format is epoch
format. I have also seen references in earlier posts to use the
undocumented -L switch to return the output to the old format. I tried
that as follows:

snort -c c:\snort\snort.conf -A fast -i 3 -l c:\log -L

snort -c c:\snort\snort.conf -A fast -i 3 -l c:\log -L snort

snort -L snort -l c:\log -c c:\snort\snort.conf -A fast -i 3

The first line represents the -L switch without any options. It errors
and Snort doesn't start. Lines 2 and 3 both start Snort with an output
filename of snort.xxxxxxxxxx. The -L switch does allow me to change the
filename to the left of the period. However, the -L switch didn't
change the output file behavior back to the old default
(snort-mmdd@time). In the earlier posts the -L switch also didn't appear
to resolve the problem (2002-10-09 01:33 RE: Snort1.9 TCPdump output
file format).

How do I get the old output file format back without downgrading the
version of Snort?

Thanks,
Charles McCollister



