Snort mailing list archives

Re: A size of log file is zero although there is an attack

From: Jutichai Thongkrachai <thsecmaniac () gmail com>
Date: Sat, 4 Oct 2014 13:36:46 +0700

To Waldo ,Shalif and Stephane,


I found out a cause of my problem. the cause is the "$NO_PACKET_LOG" option
(-N)  in Snort's startup script. I try to delete it, restart my Snort and
then go to /var/log/snort where logs is in. I found out there are logs
which has a size! :

-rw-r--r--. 1 root  root  4001 Oct  4 13:24 alert
-rw-------. 1 snort snort 2081 Oct  4 13:24 tcpdump.log.1412403724
-rw-------. 1 snort snort 2297 Oct  4 13:24 u2_log.log

:-) :-)

------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Re: A size of log file is zero although there is an attack Jutichai Thongkrachai (Oct 03)
- Re: A size of log file is zero although there is an attack waldo kitty (Oct 04)