[Snort-sigs] I don't want scan.log

Mann E. Schevitz manny at ...1822...
Fri Aug 29 09:44:13 EDT 2003


It's a hack, but why not just:

ln -s /dev/null scan.log

> -----Original Message-----
> From: Dan Monjar [mailto:daniel.monjar at ...1816...]
> Sent: Thursday, August 28, 2003 11:34 AM
> To: snort-sigs at lists.sourceforge.net
> Subject: [Snort-sigs] I don't want scan.log
> 
> 
> Apologies if this is the wrong list... pointers to the right one
> appreciated.
> 
> I'm running 2.0.1 and am starting it with
> 'nohup snort -N -c /snort/rules/snort.conf -h 10.155.0.0/16 -b -i fxp0 -l
> /snort/alerts -d &'
> 
> I am logging to a MySQL db and using ACID for reporting.  Can I start snort
> so that it will not create an scan.log file and possible not create an
> alerts file while still logging to MySQL and giving ACID what it needs?
> 
> with the latest Blaster stuff happening my scan.log file is filling up a
> 8GB partition nightly:
> 
> [root at ...1817... alerts]# ls -lk
> total 8532988
> -rw-------  1 root  users    69844992 Aug 28 09:06 alert
> -rw-------  1 root  users  8663441321 Aug 28 10:41 scan.log
> -rw-------  1 root  users      101195 Aug 27 16:03 snort.log.1061991458
> -rw-------  1 root  users       85220 Aug 28 10:27 snort.log.1062014764
> 
> 
> --
> Daniel Monjar
> Manager, Technical Services
> bioMérieux, Inc.
> Durham, NC US
> 
> 
> --
> Daniel Monjar
> IS Manager, Technical Services
> bioMérieux, Inc.
> Durham, NC US
> 
> 
> ******************************
> 
> This e-mail message, including any attachment(s), is intended only for the
> use of the individual or entity to which it is addressed and may contain
> information that is privileged and/or confidential. You are hereby notified
> that any use, dissemination, distribution and/or reproduction of this
> message and or any attachment(s) by unintended recipients is unauthorized
> and may be unlawful. Thank you for your cooperation.  
> 
> Lightship Telecom
> www.lightship.net 
> 
> ****************************** 
> 
> 
> 
> 




More information about the Snort-sigs mailing list