RE: Alert.ids log file not being created

[Snow Jacob C KPWA <JacobSC () kpt nuwc navy mil>]

Add this line to your snort.config file:

        output alert_fast: alert.ids

at least that worked for me.

Thank you,
 
Jacob Snow
jacobsc () kpt nuwc navy mil
(360)315-3487
NAVSEA Intern

-----Original Message-----
From: Michael Steele [mailto:mes () go2dds com] 
Sent: Monday, April 28, 2003 6:28 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Alert.ids log file not being created

Why is it that I have no alert.ids file being created?

output database: alert, mysql, user=user password=pass dbname=snort
host=127.0.0.1 port=3306 sensor_name=my_ids

snort -o -c c:\ids\snort\etc\snort.conf -l c:\IDS\snort\log

All I receive in my \log folder are folders with IP address and
individualized .ids files in each folder. I was sure Snort used to create a
\log\alert.ids file. I would Just as soon only have the alert.ids file only.

Running snort 2.01 b76

Thank you...

Mike





-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users