Snort mailing list archives
SPADE alerts, but doesn't log
From: nate () riconcorp com
Date: Wed, 3 Apr 2002 17:28:51 -0800
I'm running snort 1.8.4 on a RedHat 7.2 machine. Snort is set to log (not alert, but log) to mysql. I set spade up and everything works fine, except for the fact that spade sends things to the alert facility. so far i thought that everything that went to the alert facility also went to the log facility, but not in this case. if i change my database options to alert instead of log, i see spade alerts there beyond that point. is there a way to keep my database set to log and have spade utilize it? at the moment i'm having it log to one database and alert to another (mainly to see if there's a difference in what the two facilities output). so here's an even better question: what is the real difference between the alert facility and the log facility anyway? i mean, what does one cover that the other doesn't? all the documentation i've read doesn't really explaing it. it just says i have a choice between the two. thanks in advance, Nate Schindler _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- SPADE alerts, but doesn't log Nate S. (Apr 03)
- <Possible follow-ups>
- SPADE alerts, but doesn't log nate (Apr 14)
- Re: SPADE alerts, but doesn't log Erek Adams (Apr 14)