Is the -s switch still there?

["Donald Heffernan" <donheff () excite com>]

Is the -s switch still a feature? I have been using Snort for years in a very low tech way on my home network. I don't 
have it output to a DB. I simply modified a copy of Andy Swan's snort2html and used that to generate an html file from 
alerts posted to /var/log/secure with the -s switch. I just upgraded to a 2.x version of Snort and find that no alerts 
are going to var/log/secure when I start it with the -s switch.

Can I still do this? Alternatively, does anyone have a simple script for quickly viewing alerts from /var/log/snort or 
from alert_fast? I don't get enough traffic at warrant an elaborate setup.

Don




_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!


-------------------------------------------------------
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines
at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users