[Snort-users] Logging of packets
richardoyh at ...125...
Wed Sep 27 03:39:25 EDT 2000
I understand that it is possible to log session using snort. I have tried to
log telent session using the following line in the rules file. It works very
log tcp any any <> $IP 23 (session: printable;)
However when the following line was added to log syslog traffic, snort
complain that it cannnot find the session file
log udp any any <> $IP 514 (session; printable;)
Is there any thing that I have missed out? If it is not possible to log this
traffice as a session, is there a way to log the syslog packets? Thanks in
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Share information about yourself, create your own public profile at
More information about the Snort-users