Snort won't log anything! Please help...

["Kalteis, Nico (Contractor)" <Nico.Kalteis () ed gov>]

Hello everyone!

I just upgraded to Snort 1.9.1. It's sitting on a W2K Advanced Server box.
Just running snort in verbose mode is working just fine.  It displays ARP
packets and also whenever I send it a bogus request for cmd.exe, just to get
a rise out of it.  So that all works.  What doesn't work is the logging bit.
the alert.ids file stays empty.  When I modified the snort.conf file to use
output plug in to log to a file called snort.alert it actually produced the
file in my log directory right where i wanted it, but inside the file was
just about a dozen characters of gibberish, but no actual logs.  Snort
startup says it processed so and so many rules files and everything is just
peachy, but i can't get it to log.

Any ideas?  Your help is much appreciated.

Cheers!

Nico


Nico C. Kalteis, MCSE, MCP+I 
Senior Technology Consultant 
c/o 
National Center for Education Statistics 
1990 K Street, NW 
Room 9007 
Washington, D.C. 20006 
Ph.: 202-502-7884 
Em.: nico.kalteis () ed gov