Re: logto 3.0

["Carter Waxman \(cwaxman\) via Snort-users" <snort-users () lists snort org>]

Hello,

It looks like this was not added to 3.0, however it should have been. Thank you for finding this. We will be adding it 
back in the future. Until then, it is possible to configure default log paths with the -l command line option.

-Carter

From: Snort-users <snort-users-bounces () lists snort org> on behalf of kahleong_fong via Snort-users <snort-users () 
lists snort org>
Reply-To: kahleong_fong <kahleong_fong () yahoo com sg>
Date: Tuesday, October 17, 2017 at 3:24 AM
To: "snort-users () lists snort org" <snort-users () lists snort org>
Subject: [Snort-users] logto 3.0

hi all,

It has been awhile since 2004 that I touched snort! I remembered the logto option to capture pkts  used to work.
In the 3.0 release , I just cannot seem to get it to capture the pkts to the file.


alert icmp any any -> any any (logto:/var/snort/log/logto_log;sid=400000001; rev:1;)

I am able to see the alerts however no pkts in the logto_log file.

please advise.
regards

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!