[Snort-devel] unified2 alert files with trailing period and no appended timestamp?
mike.cox52 at ...2499...
Fri Jan 17 09:04:49 EST 2014
I'm investigating a client's setup and they are running Snort 22.214.171.124.
The snort conf file has the following line:
*output unified2: filename unified2.alert*
Snort is being run with an explicit '-l' switch to set the log directory.
When I run a pcap through the engine that generates an alert, the unified2
alert filename in the log directory looks like this (note the leading
period and lack of appended timestamp):
Is this a known bug with this version of Snort? Any other reason why this
would be happening?