[Snort-users] Snort Logging

Curtis Hawthorne cghawthorne at ...131...
Fri Nov 24 21:54:06 EST 2000


How do I tell Snort to log all attacks in a single log
file "/var/log/snort/snort.log"?  Right now it logs
them in "/var/log/snort/xxx.xxx.xxx.xxx/TCP:from
port-to port".  Where xxx.xxx.xxx.xxx is the source IP
address and "from port" is the originating port and
"to port" is the destination port.  I am using Snort
1.5.1-11 that comes with Debian Potato.

Thanks!

Curtis H.

__________________________________________________
Do You Yahoo!?
Yahoo! Shopping - Thousands of Stores. Millions of Products.
http://shopping.yahoo.com/



More information about the Snort-users mailing list