[Snort-users] >2Gb capture files

Ralf Hildebrandt Ralf.Hildebrandt at ...821...
Mon Jun 25 07:24:28 EDT 2001


On Mon, Jun 25, 2001 at 12:37:21PM +0200, vogt at ...2362... wrote:

> look at what kernel 7.1 uses. the 2.4 kernel series supports files larger
> than 2 gb (anyone
> know where the new upper limit is?). so if 7.1 is 2.4.x then you should be
> fine. or you could stay at 7.0 and just upgrade the kernel.

But, really, try restarting snort maybe once a day.

Snort creates a new binary logfile. You can delete old files simply by
using find. 

It's a non-problem...
-- 
ralf.hildebrandt at ...821...                            innominate AG
Technical Consultant                   Don't be afraid of what you see -
Diplom-Informatiker                     be afraid of what you don't see!
tel: +49.(0)7000.POSTFIX                        fax: +49.(0)30.308806-77





More information about the Snort-users mailing list