[Snort-users] Snort not logging to alert!
lists at ...297...
Sun Apr 1 16:39:36 EDT 2001
I just put together a new snort sensor today and loaded up 1.7...
I think I have everything configured properly; however, I'm not getting alerts to my alert! file.
My syntax is the following:
snort -d -D -e -l /usr/snortlogs -v
Under /usr/snortlogs I have an "alert!" file as well as the directories that are created.
Ok, so I do a "tail -f alert!", then I go to another machine (an attacking machine) and I do a portscan or attempt a dot dot attack "http://10.129.1.1/../../../" and I get no alerts.
Any ideas? The file snort.conf is read by default, correct?
Another quick question: if I were to use the "-s Log alert messages to syslog" switch, are the alerts also logged to the alert! file or just the syslog?