Snort mailing list archives
Re: Snort + Barnyard + alert file
From: Vipul M Sawant <vipul.sawant () gmail com>
Date: Sat, 8 May 2010 07:54:12 +0530
Hi Fábio,

You can specify the unified output option in /etc/snort/snort.conf to create unified files. For example:

    output alert_unified: filename snort.alert, limit 128
    output log_unified: filename snort.log, limit 128

Add these lines to snort.conf. Start barnyard with the options -l /var/log/snort and -f snort.alert.

Thanks,
Vipul

2010/5/8 Fábio Ferrão <ferrao04 () gmail com>
Dears,

When I initialize snort + barnyard, the /var/log/snort/alert file doesn't receive any alerts. Now I'm initializing only snort, sending alerts to the database, but I still don't receive any alerts in /var/log/snort/alerts. Why? Can somebody help me?

Thanks.

--
Fábio Ferrão
"And you will know the truth, and the truth will set you free". John 8.32

------------------------------------------------------------------------------
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
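A consistency check for the setup described in the reply, added here as an example and not part of the original thread: it parses the `output` lines of a snort.conf excerpt and confirms that the base name passed to barnyard with -f is the one Snort's alert_unified output writes. The function names and the sample text are constructed for illustration; only the directives and the -l/-f options come from the reply.

```python
import re
import shlex

# Constructed excerpt: the two output lines from the reply, plus a comment line.
SAMPLE_CONF = """\
# /etc/snort/snort.conf (constructed excerpt)
output alert_unified: filename snort.alert, limit 128
output log_unified: filename snort.log, limit 128
"""

# "output <plugin>: <comma-separated options>"; the option list is optional.
OUTPUT_RE = re.compile(r"^\s*output\s+(\w+)\s*(?::\s*(.*?))?\s*$")


def parse_outputs(conf_text):
    """Return {plugin: {option: value}} for every active 'output' line."""
    outputs = {}
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0]          # drop comments
        m = OUTPUT_RE.match(line)
        if not m:
            continue
        plugin, args = m.group(1), m.group(2) or ""
        opts = {}
        for part in args.split(","):
            fields = part.split()
            if fields:
                opts[fields[0]] = " ".join(fields[1:])
        outputs[plugin] = opts
    return outputs


def check_barnyard(conf_text, barnyard_cmd):
    """Compare barnyard's -f base name with the alert_unified filename."""
    unified = parse_outputs(conf_text).get("alert_unified")
    if unified is None:
        return "snort.conf has no alert_unified output"
    argv = shlex.split(barnyard_cmd)
    if "-f" not in argv or argv.index("-f") + 1 >= len(argv):
        return "barnyard command has no -f <base name>"
    base = argv[argv.index("-f") + 1]
    if base != unified.get("filename"):
        return "mismatch: snort writes %r, barnyard reads %r" % (
            unified.get("filename"), base)
    return "ok"


if __name__ == "__main__":
    print(check_barnyard(SAMPLE_CONF, "barnyard -l /var/log/snort -f snort.alert"))
```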
Current thread:
- Snort + Barnyard + alert file Fábio Ferrão (May 07)
- Re: Snort + Barnyard + alert file Vipul M Sawant (May 07)
- Re: Snort + Barnyard + alert file Russell Fulton (May 09)