Snort mailing list archives
Re: snort-1.8.7 and alert file
From: <bthaler () webstream net>
Date: Tue, 30 Jul 2002 10:42:51 -0400
OK. Now my snort.conf has this:

output log_null
output log_unified: filename snort.log, limit 128

And logging is back, but so is the alert file. Sorry if I'm missing something really basic here.

As far as my network utilization, I'm using about 30Mbit of a 45Mbit pipe.

Regards,
Brad T.

----- Original Message -----
From: "Erek Adams" <erek () theadamsfamily net>
To: <bthaler () webstream net>
Cc: <snort-users () lists sourceforge net>
Sent: Tuesday, July 30, 2002 10:33 AM
Subject: Re: [Snort-users] snort-1.8.7 and alert file
On Tue, 30 Jul 2002 bthaler () webstream net wrote:

> OK. I missed that one, thanks.

No problem.

> Now, since my command-line "-N" is overriding my snort.conf's "output log_unified", I'm getting no logging at all. How do I either specify spo_unified on the command-line, or specify the "-N" in snort.conf?

Easy enough: http://www.snort.org/docs/writing_rules/chap2.html#tth_sEc2.5.12

> (Strangely, I'm getting 30% packet loss now.....interesting)

Hrm... How much pipe, and how much utilization are you getting?

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net