Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: rotate alert cache

From: Erek Adams <erek () snort org>
Date: Thu, 3 Jul 2003 22:57:56 -0400 (EDT)
On Thu, 3 Jul 2003, Kerry Cox wrote:


Quick question, does anyone know of or have a simple script for rotating
out the /var/log/snort/alert file periodically? I'm sure it would be a
simple matter to write this, but why re-invent the wheel?
I'd like to be able to append a .1 or .2 to the end of each rotated file
for archival purposes, much as the messages and secure files are rotated
out. I'd add the alert file to the regular rotation of these as well,
but want to make certain it works without killing the running Snort
process.


Quite a few OS'es already have somethinglike that.  Logrotate is already
on some Linux distros.  Newsyslog is on *BSD boxes.  Check freshmeat
(freshmeat.net) for quite a few log tools.

Cheers!

-----
Erek Adams

   "When things get weird, the weird turn pro."   H.S. Thompson


-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: