[Snort-users] Snort not logging to alert!

lists lists at ...297...
Sun Apr 1 16:39:36 EDT 2001


Hello all....

I just put together a new snort sensor today and loaded up 1.7...

I think I have everything configured properly; however, I'm not getting alerts to my alert! file.

My syntax is the following:
  
   snort -d -D -e -l /usr/snortlogs -v

Under /usr/snortlogs I have an "alert!" file as well as the directories that are created.

Ok, so I do a "tail -f alert!", then I go to another machine (an attacking machine) and I do a portscan or attempt a dot dot attack "http://10.129.1.1/../../../", and I get no alerts.

Any ideas? The file snort.conf is read by default, correct?

Another quick question: if I were to use the "-s Log alert messages to syslog" switch, are the alerts also logged to the alert! file or just the syslog?


Thanks all!!!

Joe Magee




