[Snort-users] Logging of packets

Fyodor fygrave at ...121...
Thu Sep 28 01:34:38 EDT 2000


~ :
~ :log tcp any any <> $IP 23 (session: printable;)
~ :
~ :However when the following line was added to log syslog traffic, snort 
~ :complain that it cannnot find the session file
~ :
~ :log udp any any <> $IP 514 (session; printable;)
~ :

but there's no such thing as session with UDP, right?




More information about the Snort-users mailing list