[Snort-users] Re: Syslog and Full Alerting

Dan Zerkle dzerkle at ...1512...
Mon Mar 12 17:04:19 EST 2001


John_Delisle at ...1523... wrote:
> > Is it possible to use syslog and 
> > full alterting at the same time?

Marty writes:
> Try using the -l option to specify a 
> logging directory and let us know
> if that works.  Additionally, make sure
> you're not specifying any
> alerting options on the command line,
> specify them in the config file.


Bob Staaf wrote:

> >      Can you use "-s" and "-A full" together
> > on the same command line?

Marty wrote:
> No, you can't do this.  Snort could probably
> be modified to do this, but
> the proper way to do it is through the config file.

I (probably) modified snort to do this, and gave the new code to
John.

I haven't tested it at all, but John reports that it "works
great" for him.

Is this something I should submit?  It's really quite trivial,
and at least two people seem to want the feature.

-Dan




More information about the Snort-users mailing list