Re: config file

[wkitty42 () windstream net]

On 04/25/2016 06:20 AM, Chris Sandford wrote:
> ERROR: log_tcpdump: Failed to open log file "c:\snort\log/c:\snort\log.1461579119
>
> 9": Invalid argument
>
> Fatal Error, Quitting..
>
> I update my config file to point to c:\snort\log but I do not understand why it
> is looking for a log.1461579119?
>
> There is no file in that folder named as such so I can understand why it’s failing.
>
> Using on Windows

every time snort is started, it creates a new log file... *by default*, those 
log files have the name format of

   /some/directory/in/the/tree/snort.xxxxxxxxxx

the xxxxxxxxxx represent the numbers snort adds to the file name... these 
numbers are the decimal value of the unix time stamp of the file's creation...

it appears that you have told snort to use a directory to store the files in but 
you have not told it the filename to use...

what is your command line to start snort?

what does Section #6 (at least) of your snort.conf contain?

-- 
  NOTE: No off-list assistance is given without prior approval.
        *Please keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!