[Snort-users] Snort Logging
cghawthorne at ...131...
Fri Nov 24 21:54:06 EST 2000
How do I tell Snort to log all attacks in a single log
file "/var/log/snort/snort.log"? Right now it logs
them in "/var/log/snort/xxx.xxx.xxx.xxx/TCP:from
port-to port". Where xxx.xxx.xxx.xxx is the source IP
address and "from port" is the originating port and
"to port" is the destination port. I am using Snort
1.5.1-11 that comes with Debian Potato.
Do You Yahoo!?
Yahoo! Shopping - Thousands of Stores. Millions of Products.
More information about the Snort-users