Snort mailing list archives
Snort's pid in syslog
From: sekure <sekure () gmail com>
Date: Mon, 13 Sep 2004 14:44:15 -0400
Hi all, I was wondering if this is a bug with snort or perhaps I am going a little crazy. I recently reconfigured syslogd to log all daemon messages to one location: daemon.debug /var/log/daemon.log If I am not mistaken, before I did this, snort used to log to /var/adm/messages and every line used to contain the process id in square braces. Now that it's logging to /var/log/daemon.log there is not process id. Every other process (barnyard, sshd, ntpd, etc) has its pid in the log file, except for snort. The problem is that I am running 3 instances of snort on one box, and as a result can't tell which process is associated with which messages. I've restarted snort and syslogd many times to no avail. I am running snort 2.2.0 on RedHat 3.0. Anybody seen this? ------------------------------------------------------- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 13. Go here: http://sf.net/ppc_contest.php _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort's pid in syslog sekure (Sep 13)