Snort mailing list archives

Previous By Date Next
Previous By Thread Next

interesting observation on snort logging! Anyone else..

From: "hallian hallian" <hallian () hotmail com>
Date: Sat, 25 Oct 2003 00:25:19 -0400
Hello -
I have been baffled for the last 5 days on trying to get snort to log in the /var/log/snort/alert file. But I found out that IF YOU state your HOME network example: 

var HOME_NET 10.1.1.0/24
It will NOT create the /var/log/snort/alert file. But if you state the default: 

var HOME_NET ANY

It will CREATE the /var/log/snort/alert file.
Now, why is that? Can someone explain that to me. The reason why I wanted the alert file was to run a log parser and that was the file required too. 

Anyone seen thios before?

Cheers,
hallian

_________________________________________________________________
Concerned that messages may bounce because your Hotmail account has exceeded its 2MB storage limit? Get Hotmail Extra Storage! http://join.msn.com/?PAGE=features/es 



-------------------------------------------------------
This SF.net email is sponsored by: The SF.net Donation Program.
Do you like what SourceForge.net is doing for the Open
Source Community?  Make a contribution, and help us add new
features and functionality. Click here: http://sourceforge.net/donate/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: