Snort mailing list archives

Re: Always logging as binary!


From: wkitty42 () windstream net
Date: Fri, 22 Jan 2016 19:39:25 -0500

On 01/22/2016 11:48 AM, Jack Rief wrote:
> I saw that but that seems to affect only the alerts. I'm getting alerts in
> text form and having them sent to syslog. That all works fine.
>
> The problem is the regular logs. The documentation says the default mode for
> these logs is text, but I'm seeing them written in tcp_dump format no matter
> what startup options I use. Meaning if I omit the -b option I get binary
> format, if I include the -b option I get binary format.

what, exactly, are you calling "regular logs"?? by default (which i've asked a
few times to have changed) the snort.log.xxxxxxxxxxxxxxxx files are pcaps which
are always going to be in binary... in binary because they are the raw network
packets that triggered the alert to be fired...

-- 
  NOTE: No off-list assistance is given without prior approval.
        *Please keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.
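
As an added example (not part of the original message and not Snort's own code): a minimal reader for the libpcap file format that the reply says the snort.log.* files use, producing one text line per logged packet. The function names and the two-packet sample capture are constructed for illustration.

```python
import struct

# Magic numbers of the classic libpcap file format, as they appear on disk.
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", 1_000_000),      # little-endian, microseconds
    b"\xa1\xb2\xc3\xd4": (">", 1_000_000),      # big-endian, microseconds
    b"\x4d\x3c\xb2\xa1": ("<", 1_000_000_000),  # little-endian, nanoseconds
    b"\xa1\xb2\x3c\x4d": (">", 1_000_000_000),  # big-endian, nanoseconds
}

def read_pcap(data):
    """Return (linktype, [(timestamp, caplen, origlen, packet_bytes), ...])."""
    if len(data) < 24 or data[:4] not in PCAP_MAGICS:
        raise ValueError("not a libpcap file")
    endian, ticks = PCAP_MAGICS[data[:4]]
    # Global header after the magic: version, tz offset, sigfigs, snaplen, linktype.
    _maj, _min, _tz, _sig, _snap, linktype = struct.unpack(endian + "HHiIII", data[4:24])
    records, off = [], 24
    while off + 16 <= len(data):
        sec, frac, caplen, origlen = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        if off + caplen > len(data):  # truncated last record (file still being written)
            break
        records.append((sec + frac / ticks, caplen, origlen, data[off:off + caplen]))
        off += caplen
    return linktype, records

def summarize(data):
    """Render each logged packet as a text line."""
    linktype, records = read_pcap(data)
    return [f"{ts:.6f} linktype={linktype} caplen={cap} len={orig}"
            for ts, cap, orig, _pkt in records]

def build_sample():
    """Constructed two-packet capture (not real traffic) so the demo runs offline."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    packets = [(1453509565, 250000, b"\x00" * 14 + b"constructed-1"),
               (1453509566, 500000, b"\x00" * 14 + b"constructed-2")]
    return header + b"".join(
        struct.pack("<IIII", sec, usec, len(p), len(p)) + p for sec, usec, p in packets)

if __name__ == "__main__":
    for line in summarize(build_sample()):
        print(line)
```

To run it against a real log, pass the bytes of a snort.log.* file to `summarize()` instead of `build_sample()`.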
