Re: disable /var/log/snort logging

[Bamm Visscher <bamm () satx rr com>]

Attach the database plugin to the 'alert' facility vice the 'log' facility when using -N.
 
For example,

  output database: alert, postgresql, user=snort dbname=snort

vs.

  output database: log, postgresql, user=snort dbname=snort


Bammkkkk

On Wed, May 07, 2003 at 04:48:13PM -0700, Nick White wrote:
> You're right, the -N option turns off packet logging.  Sure it doesn't
> write to the disk, but it turns off packet logging within mysql as well
> - not cool.  Surely there is a way to have snort log everything to mysql
> (even packet logging), without dumping data to the hard drive.  I just
> can't figure out how.  I'm starting snort with -b (binary logging)
> option, which takes care of it crashing after a few minutes under a
> really heavy load.  Even still, logging to the disk is a total waste
> because I'll never do anything with the binary logs.


-------------------------------------------------------
Enterprise Linux Forum Conference & Expo, June 4-6, 2003, Santa Clara
The only event dedicated to issues related to Linux enterprise solutions
www.enterpriselinuxforum.com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users