Snort mailing list archives
Re: snort-1.8.7 and alert file
From: Michael Scheidell <scheidell () secnap net>
Date: Fri, 2 Aug 2002 13:02:08 -0400 (EDT)
> On Fri, Aug 02, 2002 at 10:56:57AM -0400, Michael Scheidell wrote:
> > I have ended up needing one copy of snort (which outputs TWO unified
> > files) and two copies of barnyard with two different config files.
> > What I would want to do is to have snort create a unified file with
> > both log and alerts in it.
>
> I don't understand these too. Doesn't log contain alerts as well?

A binary look at the file (using beav) seems to indicate it keeps logs and alerts, so, yes, snort will put both in (I think); however, there is no way for me to double check this. Daemon mode, one shot mode, special, specific barnyard.conf in one shot mode fails to produce any 'alerts' from log.* barnyard unified files.

--
Michael Scheidell, CEO
SECNAP Network Security, LLC
Sales: 866-SECNAPNET / (1-866-732-6276)
Main: 561-368-9561 / www.secnap.net
Looking for a career in Internet security? http://www.secnap.net/employment/