[Snort-users] Alerts of format TCP:1297-23
paul.bobby at ...178...
Tue Aug 1 10:26:20 EDT 2000
How do I generate these alerts such that snortsnarf can work with them?
I managed to do this once accidently, but now can't seem to do it.
my command line is
snort -de -A full -l /vol01/snort/log -h xxx.0/24 -c snort-lib -D
regardless of the -l parameter, snort still creates snort.alert in /var/log,
however the binary log files are put into the -l parameter directory.
But no log files like TCP:1297-23 style
<dream> Got Root? </dream>
More information about the Snort-users