Snort mailing list archives
Re: Having problem with Barnyard
From: firnsy <firnsy () securixlive com>
Date: Thu, 24 Jun 2010 21:16:41 +0930
Nick,
# unified2 # Recommended for most installs output unified2: filename snort.log, limit 128, nostamp
To maintain chronology of the files, barnyard2 (like the original barnyard) utilises the unix timestamp that is normally appended to the filename. For example: snort.u2.124848388 snort.u2.124861336 snort.u2.124892311 By using the "nostamp" directive you are explicitly removing this timestamp and thus rendering the spooling operation of barnyard2 ineffective. In short, omit the "nostamp". The rest should be sufficient. Regards, -- firnsy www.securixlive.com
Attachment:
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Having problem with Barnyard Nick Moore (Jun 23)
- Re: Having problem with Barnyard JJC (Jun 23)
- Re: Having problem with Barnyard Nick Moore (Jun 23)
- Re: Having problem with Barnyard JJC (Jun 23)
- Re: Having problem with Barnyard Nick Moore (Jun 23)
- Re: Having problem with Barnyard firnsy (Jun 24)
- Message not available
- Re: Having problem with Barnyard firnsy (Jun 24)
- Re: Having problem with Barnyard Nick Moore (Jun 23)
- Re: Having problem with Barnyard JJC (Jun 23)