Snort mailing list archives
Re: snort 1.8.6 + OpenBSD 3.2-stabl
From: "larc" <larc () pandora be>
Date: Mon 09 Dec 2002 11:56:19 +0100
Hi,

Well, the best tip that I can give is: go to www.snort.org and download snort 1.9. Version 1.8.6 is really old and there are no signatures for it anymore.

Stefan D.

------------------------
Darren <darren () dazdaz org> wrote:
------------------------
Hello snort-users,

After spending all afternoon on this, I need some tips. I am using OpenBSD 3.2-stable and snort 1.8.6 compiles from ports. I can't get snort to write csv output. Is this a known issue or am I doing something wrong?

/etc/snort.conf
output alert_syslog: LOG_AUTH LOG_ALERT
output csv: /var/log/snort/snort.log msg,proto,timestamp,src,srcport,dst,dstport

-bash-2.05b$ ls -ld /var/log/snort
drwxr-xr-x 2 snort snort 512 Dec 8 17:31 /var/log/snort
-bash-2.05b$ ls -l /var/log/snort/snort.log
-rw-r--r-- 1 snort snort 0 Dec 8 17:31 /var/log/snort/snort.log

I have to launch snort like this so it writes into /var/log/snort/

# snort -v -u snort -g snort -l /var/log/snort -D

-bash-2.05b$ ps auxw | grep snort
snort 21995 31.8 0.0 664 644 ?? Ss 5:38PM 0:14.62 snort -v -u snort -g snort -l /var/log/snort -D

Interestingly, without the -l option it won't write there, but this is less important. I'd like syslog and csv output.

Snort was built like this

# cd /usr/ports/net/snort
# make install

-bash-2.05b$ grep LOG_AUTH /usr/include/syslog.h
#define LOG_AUTH (4 Snort!