Snort mailing list archives
Re: Unified logging doesn't work.
From: James Lay <jlay () slave-tothe-box net>
Date: Tue, 10 Jun 2014 16:46:17 -0600
On 2014-06-10 16:43, Steve Crow wrote:
I don’t question that your command works, my question has to do with having snort start at boot. The recommended install docs at sourceforge use /etc/init.d/snortd and /etc/sysconfig/snort files. But they are not designed for unified output as far as I can tell. If I go with your command, where do I place it to have snort automatically start up at boot time? Thanks again! Steve
Well...I don't recognize the sysconfig file but I can tell you that: snort --daq afpacket --daq-mode passive -i eth0:eth1 Work like a champ and create only one unified file. James Currently my /etc/rc.local....but I did my own setup. This is just straight command line. James
Ah...I understand now. What distro are you runing? James ------------------------------------------------------------------------------ HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions Find What Matters Most in Your Big Data with HPCC Systems Open Source. Fast. Scalable. Simple. Ideal for Dirty Data. Leverages Graph Analysis for Fast Processing & Easy Data Exploration http://p.sf.net/sfu/hpccsystems _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Unified logging doesn't work. Hadri Rahman (Jun 05)
- Re: Unified logging doesn't work. Steve Crow (Jun 09)
- Re: Unified logging doesn't work. Joel Esler (jesler) (Jun 09)
- Re: Unified logging doesn't work. Steve Crow (Jun 09)
- Re: Unified logging doesn't work. James Lay (Jun 09)
- Re: Unified logging doesn't work. Steve Crow (Jun 09)
- Re: Unified logging doesn't work. James Lay (Jun 09)
- Re: Unified logging doesn't work. Steve Crow (Jun 09)
- Re: Unified logging doesn't work. James Lay (Jun 09)
- Re: Unified logging doesn't work. Steve Crow (Jun 10)
- Re: Unified logging doesn't work. James Lay (Jun 10)
- Re: Unified logging doesn't work. Steve Crow (Jun 11)
- Re: Unified logging doesn't work. James Lay (Jun 11)
- Re: Unified logging doesn't work. Joel Esler (jesler) (Jun 09)
- Re: Unified logging doesn't work. Steve Crow (Jun 09)