Snort mailing list archives

Re: Changing name of alerts log


From: Joel Esler <joel.esler () sourcefire com>
Date: Mon, 10 Mar 2008 11:35:04 -0400

Do you have a snort.conf file from your predecessor?

Joel

On Mar 10, 2008, at 10:40 AM, frederick sonnichsen wrote:

I have snort 2.8.0.2 (75) running on Fedora Core 6. It presently writes
files "alerts" and "snort.log.xxxxxxx".
I want to change the names of these files to fit software/scripts
written by my predecessor. Can someone tell me how to change the: alerts
log to "snortlog.log" and the dump logs to "tcpdump.log"?

I tried:
in snort.conf
 output alert_syslog: LOG_LOCAL0
in syslog.conf
 local0.*    /var/log/snort/snortlog.log

But this has no effect. Perhaps this is not the way to accomplish this.

Thanks
Fritz



-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users



--
Joel Esler  joel.esler () sourcefire com




