-s switch

["Donald Heffernan" <donheff () excite com>]

Is the -s switch still a feature?  I have been using Snort for years in a very low tech way on my home network.  I 
don't have it hooked into a DB.  I simply modified a copy of Andy Swan's snort2html and used that to generate a html 
file from alerts posted to /var/log/secure with the -s switch.  I just upgraded to a 2.x version of Snort and find that 
no alerts are going to var/log/secure when I start it with the -s switch.

Can I still do this?  Does anyone have a simple script for quickly viewing alerts from /var/log/snort or from 
alert_fast?  I don't have enough to need much.

Don



_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!


-------------------------------------------------------
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines
at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users