[Snort-users] Re: Syslog and Full Alerting
john at ...1477...
Mon Mar 12 17:57:07 EST 2001
<<< UPDATE >>>
If we traverse back a few weeks, Jed pointed out to me I this fine group, that
although this may generate copious output, It overrode my snort.conf. and
logging to my database stopped. A major downside to say the least. Needless to
say at this point... although snort doesn't complain, It is not the preferred
way to handle what I was trying to do. Now I try not to override my config
file. : )
Thanks guys, sometimes I feel so new.
On Mon, 12 Mar 2001 14:04:19 -0800, Dan Zerkle said:
> John_Delisle at ...1523... wrote:
> > > Is it possible to use syslog and
> > > full alterting at the same time?
> Marty writes:
> > Try using the -l option to specify a
> > logging directory and let us know
> > if that works. Additionally, make sure
> > you're not specifying any
> > alerting options on the command line,
> > specify them in the config file.
> Bob Staaf wrote:
> > > Can you use "-s" and "-A full" together
> > > on the same command line?
> Marty wrote:
> > No, you can't do this. Snort could probably
> > be modified to do this, but
> > the proper way to do it is through the config file.
> I (probably) modified snort to do this, and gave the new code to
> I haven't tested it at all, but John reports that it "works
> great" for him.
> Is this something I should submit? It's really quite trivial,
> and at least two people seem to want the feature.
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
--- CHAOS -Where Great Dreams Begin ---
Befor a great vision can become reality there may be difficulty. Befor a person
begins a great endeavor, they may encounter chaos.
As a new plant breaks the ground with great difficulty, foreshadowing the huge
tree, so must we sometimes push against difficulty in bringing forth our
"Out of Chaos, Brilliant Stars are Born."
I-Ching Hexagram #3
More information about the Snort-users