[Snort-users] alert file

Crist J. Clark cjclark at ...960...
Sat Jan 20 01:03:20 EST 2001


On Fri, Jan 19, 2001 at 09:35:57AM -0600, Imran Ismail Shaikh wrote:
> everytime i run snort it creates files in /var/log/snort/ directory with
> names: log, portscan and lots of other directories with IP names. Why is
> it not creating alert or snort.alert file? 
> All i can see in log file is bunch of portscans but the directories do
> contain some other activities. 
> Can anyone tell me where I m making mistake that its not generating alert
> file. btw i m running snort 1.7 with following command:
> snort -i eth0 -c <rules file> -o -s -d -D
                                   ^^
Looks like you are sending alerts to syslog rather than an alerts
file.
-- 
Crist J. Clark                           cjclark at ...485...




More information about the Snort-users mailing list