Re: Portscan log file consolidation.

["Denny Page" <denny () cococafe com>]

It cannot handle more than 1 file.

Denny

----- Original Message ----- 
From: "Peters, Michael D." <Michael.Peters () acbl net>
To: "Snort-Users@Lists. Sourceforge. Net (E-mail)"
<snort-users () lists sourceforge net>
Sent: Wednesday, October 29, 2003 07:12
Subject: [Snort-users] Portscan log file consolidation.


> In the acid_conf.php file is an entry $portscan_file =
> "/var/snort/portscan/";
>
> The question is, if I have several portscan log files that need attention,
> do I add entries in acid_conf.php like:
>
> $portscan_file = "/var/snort/portscan/1/";
> $portscan_file = "/var/snort/portscan/2/";
> $portscan_file = "/var/snort/portscan/3/";
>
> or can snort|acid only handle one log file?
>
> Best regards,
>
> Michael D. Peters
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: SF.net Giveback Program.
> Does SourceForge.net help you be more productive?  Does it
> help you create better code?   SHARE THE LOVE, and help us help
> YOU!  Click Here: http://sourceforge.net/donate/
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users



-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?   SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users