RE: -l parameter

["Ed Callahan" <snort () edcallahan com>]

Try

    find /var/log/snort -atime +7 -type f -exec rm -rf {} \;

instead of

    find /var/log/snort -atime +7 -exec rm -rf {} \;

The -type f lists just files, not directories

Ed Callahan
snort () edcallahan com

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net]On Behalf Of
adam_peterson () splwg com
Sent: Tuesday, December 09, 2003 6:25 PM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] -l parameter



Thanks to John and Michael's advice, I've removed the -N parameter from the
Snort command line so it will indeed log to a directory in case I lose
communication with my db.  I'm executing these commands in crontab:

3 16 * * * find /var/log/snort -atime +7 -exec rm -rf {} \;
4 16 * * * mkdir /var/log/snort

The mkdir was necessary because "rm -rf" removes the snort directory.  Is it
possible to avoid this?  Thanks again for the advice from both of you.

Adam Peterson | Senior WAN Engineer | SPL WorldGroup |
adam_peterson () splwg com | +1.415.357.4787




-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users