Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: snort-1.8.7 and alert file

From: "Andrew R. Baker" <andrewb () snort org>
Date: Tue, 30 Jul 2002 11:35:03 -0400
bthaler () webstream net wrote:

OK.  Now my snort.conf has this:

output log_null
output log_unified: filename snort.log, limit 128

And logging is back, but so is the alert file.  Sorry if I'm missing something really basic here.

As far as my network utilization, I'm using about 30Mbit of a 45Mbit pipe.
get rid of the log_null and the "-N" on the commandline. Instead add "-A none" to your commandline to turn off the alerting. The unified log file will contain the alert data *and* the packet logs. 

-A



-------------------------------------------------------
This sf.net email is sponsored by: Dice - The leading online job board
for high-tech professionals. Search and apply for tech jobs today!
http://seeker.dice.com/seeker.epl?rel_code=31
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: