Re: Snort IDS doesn't log the alerts in the path /var/log/snort

["Al Lewis \(allewi\) via Snort-users" <snort-users () lists snort org>]

Hello,

You can set the logging with the -l (lowercase letter L) or set it within your config file.

http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node21.html




Albert Lewis
ENGINEER.SOFTWARE ENGINEERING
Cisco Systems Inc.
Email: allewi () cisco com<mailto:allewi () cisco com>

From: Snort-users <snort-users-bounces () lists snort org> on behalf of 2014/2015 - Nsabimana Thierry 
<thierry.nsabimana () aims-cameroon org>
Date: Tuesday, May 15, 2018 at 11:17 AM
To: "snort-users () lists snort org" <snort-users () lists snort org>
Subject: [Snort-users] Snort IDS doesn't log the alerts in the path /var/log/snort

Hello everyone,
I passed DARPA dataset into snort IDS to generate the alerts in the
path /var/log/snort but it doesn't log the alerts. I just see the received
and analyzed packets. I don't see how to solve such problem.
To run it on snort, I used the following command
sudo snort -r datasetName.pcap -c snort.conf
Could you please help me to solve this problem.


--
[https://docs.google.com/uc?export=download&id=0B8jpipaJicbYWlVIQmdVYVBvTGc&revid=0B8jpipaJicbYNUpwTmhSaVVPdXZheVVjQnVKc3RlTVdpSk00PQ]
PhD Student In Computer Science
University of Abomey Calavi, IMSP
Email: thierry.nsabimana () aims-cameroon org<mailto:thierry.nsabimana () aims-cameroon org>
Email: thierry.nsabimana () imsp-uac org<mailto:thierry.nsabimana () aims-cameroon org>
Tel: +229 61 403 104
AIMS-CAMEROON ALUMNI


_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette