Snort mailing list archives
SNORT not saving pcap file
From: jtravlos () rsignia com
Date: Thu, 25 Oct 2012 18:54:45 +0000
I'm running snort 2.9.3.1 on CentOS 6.3 capturing traffic via Endace DAG card. I want to save to a file (pcap format) the traffic that it sees. I know in snort.conf there are some settings, but it does not appears to save the file. When ever I use the snort.conf, it is not saved. The settings are: config logdir: /data/snortlog # pcap output log_tcpdump: tcpdump.log The command I'm using to start snort: ./snort -d -b -i dag0:0 -c /etc/snort/snort.conf If I use this, I get a file that tcpdump can read, but no detail packet info. ./snort -d -b -i dag0:0 -l /data/snortlog -L tcpdump.log Attached is the snort.conf. Any suggestions? What am I doing wrong? Thanks, John Travlos
Attachment:
snort.conf
Description:
------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- SNORT not saving pcap file jtravlos (Oct 25)
- Re: SNORT not saving pcap file Joel Esler (Oct 25)
- <Possible follow-ups>
- Re: SNORT not saving pcap file jtravlos (Oct 25)
- Re: SNORT not saving pcap file waldo kitty (Oct 25)
- Re: SNORT not saving pcap file John Travlos, Jr. (Oct 26)
- Re: SNORT not saving pcap file waldo kitty (Oct 25)