Re: RE: Snort not logging to the /var/log/snort/alert file

[twig les <twigles () yahoo com>]

--- ids () san rr com wrote:
> Jim,
>
> You are right about the chmod 777. I know better then to open
> up a file like that. I'm just frustrated trying to get this
> fixed. I've tried everything and can't seem to get Snort to
> write to the alert file. I also tried your suggestion:
>
> mv /var/log/snort/alert /var/log/snort/alert.old
> kill -HUP `cat /var/run/snort_eth0.pid`
>
> and I could not get Snort to recreate the alert file. I think
> I'm going to just start from scratch and rebuild Snort again. 


Before you wipe the install clean, have you looked at the
permissions of the directory?  Do an ls -l /var/log/snort/ and
see if root owns that.  I've had this problem and once you
figure it out you slap your forehead.  If this is the case a
simple chown -R snort:snort /var/log/snort/ should do it (that's
off the top of my head though, so no biting if it is slightly different).

=====
-----------------------------------------------------------
With a few exceptions, secrecy is deeply incompatible with
democracy and with science.
     --Carl Sagan  
-----------------------------------------------------------

__________________________________
Do you Yahoo!?
Yahoo! Finance Tax Center - File online. File on time.
http://taxes.yahoo.com/filing.html


-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users