[Snort-users] alert_syslog & alert_full

Martin Roesch roesch at ...421...
Mon Jan 29 11:28:11 EST 2001


It's possible, you should use the config file to do it.  I received an
(as yet unconfirmed) bug report this morning that you probably need to
use the "-l" switch if you're going to combine these plugins, the
default pathing isn't working properly when both are specified.

    -Marty

Fabrice wrote:
> 
> Hello,
> 
> Is it currently possible (1.7 or CVS) to use alert_syslog and
> alert_full/alert_fast simultaneusly?
> 
> There was a mail talking about what changed when the logging
> options where added on the command line. It said that a Log
> type options will unload all Alert type plugins, and Alert type
> options will unload all Log type plugins. There were an example
> invoking the "-A fast" that would unload the syslog plugin. Why?
> -A fast = Alert type, and Syslog = alert type...
> 
> Thanks in advance :)
> 
> Fab
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users

--
Martin Roesch
roesch at ...421...
http://www.snort.org




More information about the Snort-users mailing list