[Snort-users] snorting as a daemon ?
dr at ...381...
Wed Aug 30 01:54:35 EDT 2000
On Tue, 29 Aug 2000, Jim Smart wrote:
> I am sure I am missing something here, but not sure what.
> #snort -c /var/log/snort/rules.conf -A full -d
> works fine, but if I try and daemon it with the command
> #snort -c /var/log/snort/rules.conf -A full -D
> from which it does initialise as a daemon, but I see no output
> in the alert file, nor are packets captured.
It's not necessarily intuitive, but -d dumps packet data to the screen
while in daemon mode logging is controlled by the rules file so there is
no default capture.
As far as alerts...have you looked in /var/log/snort ?
dursec.com ltd. / kyx.net - we're from the future
pgp fingerprint: 18C7 E37C 2F94 E251 F18E B7DC 2B71 A73E D2E8 A56D
pgp key: http://www.dursec.com/drkey.asc
More information about the Snort-users