Snort mailing list archives
Re: log file
From: Joel Esler <jesler () sourcefire com>
Date: Wed, 4 Jul 2012 10:47:01 -0400
You are attemping to log in Ascii mode when you have ipv6 on your network. And afaik, you can't create a directory in Windows with a colon in the name. So, I'd suggest logging in a different method. -b perhaps? J On Jul 4, 2012, at 5:39 AM, Deepika p <dgpks1 () gmail com> wrote:
hi, I am getting following error when trying to run using command c:\winids\snort\bin\snort -A console -i1 -c c:\winids\snort\etc\ snort.conf -l c:\winids\snort\log -K ascii 07/04-15:02:40.744280 [**] [1:2000000:1] Got an IP Packet [**] [Classification: Not Suspicious Traffic] [Priority: 3] {UDP} fe80:0000:0000:0000:b4af:fd3b:a6b2: 237c:65278 -> ff02:0000:0000:0000:0000:0000:0001:0003:5355 ERROR: OpenLogFile() => mkdir(c:\winids\snort\log/fe80:0000:0000:0000:b4af:fd3b: a6b2:237c) log directory: Invalid argument Fatal Error, Quitting.. What is reason for it? What should we do to get traffic alerts in log file. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- log file Deepika p (Jul 04)
- Re: log file Joel Esler (Jul 04)