Snort mailing list archives

RE: (no subject)

From: "Joshua Berry" <jberry () PENSON COM>
Date: Mon, 1 Aug 2005 14:49:47 -0500

The "-A fast" is the problem.  If you use the "-A <cmd>" argument then
snort will ignore your output options in the config file.

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Jason
Benway
Sent: Monday, August 01, 2005 2:44 PM
To: Jason Brvenik
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] (no subject)

snort    32082     1  3 04:02 ?        00:21:39 /usr/sbin/snort -A
fast -b -d -D -i eth0 -u snort -g snort -c /etc/snort/snort.conf -l
/var/log/snort/eth0
snort    32088     1  3 04:02 ?        00:20:36 /usr/sbin/snort -A
fast -b -d -D -i eth1 -u snort -g snort -c /etc/snort/snort.conf -l
/var/log/snort/eth1
root     32741 32334  0 14:48 pts/0    00:00:00 grep snort


On 8/1/05, Jason Brvenik <jasonb () sourcefire com> wrote:

ps -efwww | grep snort

what command line do you start snort with?

Jason Benway wrote:

I've running snort 2.3.3.

Since I starting using the snort.conf from version 2.3.3, It seems 
like snort is only writting to the log files. My configur looks like
this:

output database: log, mysql, user=snort password=********** 
dbname=snort host=localhost sensor_name=grand_haven

my /var/log/snort/eth0
and
/var/log/snort/eth1
are full of log files.

thanks,jb


-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration 
Strategies from IBM. Find simple to follow Roadmaps, straightforward

articles, informative Webcasts and more! Get everything you need to 
get up to speed, fast. 
http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=ort-users



-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=ick
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=ort-users




-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

RE: (no subject), (continued)
- - RE: (no subject) M. Shirk (Aug 01)
    - Re: (no subject) Jason Benway (Aug 01)
    - Re: (no subject) M. Shirk (Aug 01)
    - Snort rules for Jolt tommy garsia (Aug 02)
  - RE: (no subject) Jeff Dell (Aug 01)
    - Re: (no subject) Jason Benway (Aug 01)
  - Re: (no subject) Jason Brvenik (Aug 01)
    - Re: (no subject) Jason Benway (Aug 01)
    - Re: (no subject) Jason Brvenik (Aug 01)
    - Re: (no subject) Jason Benway (Aug 01)
- RE: (no subject) Joshua Berry (Aug 01)
- (no subject) T.C. (Sep 02)
  - RE: (no subject) Paul Melson (Sep 02)
  - RE: (no subject) Patrick Harper (Sep 02)
- (no subject) Larry Wichman (Sep 12)