Snort mailing list archives
RE: snort start
From: "John Berkers" <berjo () ozemail com au>
Date: Thu, 9 Aug 2001 23:07:25 +1000
You can reconfigure your syslog.conf to log auth.alert to another file. Put in an entry like: auth.=alert -/var/log/snort.log and be sure to remove the same logging from /var/log/messages if you do not want it there ( auth.!=alert ). Alternatively you can use the -l option to specify a directory for snort to log to. It will create a file called 'alert' for alerts and 'portscan.log' for portscan events. Regards, John Berkers berjo () ozemail com au -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net]On Behalf Of Birkir Björnsson Sent: Thursday, 9 August 2001 18:55 To: snort-users () lists sourceforge net Subject: [Snort-users] snort start Hi everyone I´m new to Snort just recently compiled to run with my AIX 4.3.3 system. I want to use snort to log with syslog options but to /var/log/snort.log not to /var/log/syslog. How can i do this I´ve tried snort -c snort.conf -s /var/log/snort.log this did not work of course. So any ideas .. Thanks Birkir _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=ort-users _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort start Birkir Björnsson (Aug 09)
- RE: snort start John Berkers (Aug 09)
- <Possible follow-ups>
- snort start Birkir Björnsson (Aug 10)