[Snort-devel] Snort database logging while alerting to unixsock

Chris Toombs ctoombs at ...2014...
Wed Jun 4 06:27:25 EDT 2003


Why does the snort command line option to alert using the Unix socket preclude the simultaneous logging to a database as configured through the conf file (constrained in parser.c, ParseOutputPlugIn)?  I would like to do this, and can get both to run by changing parser.c, but I am wondering why it was coded like this to begin with?  Any help would be greatly appreciated.
Thanks
Chris Toombs




More information about the Snort-devel mailing list