[Snort-devel] Snort database logging while alerting to unixsock

Chris Green cmg at ...402...
Wed Jun 4 18:43:05 EDT 2003


"Chris Toombs" <ctoombs at ...2014...> writes:

> Why does the snort command line option to alert using the Unix socket
> preclude the simultaneous logging to a database as configured through
> the conf file (constrained in parser.c, ParseOutputPlugIn)?  I would
> like to do this, and can get both to run by changing parser.c, but I
> am wondering why it was coded like this to begin with?  Any help would
> be greatly appreciated.  Thanks Chris Toombs

Often times, running -A console was useful for debugging was useful
while using snort.conf.

You can configure both via the .conf file if you need both output
types.

--
Chris Green <cmg at ...402...>
Fame may be fleeting but obscurity is forever.




More information about the Snort-devel mailing list