[Snort-users] Appending to binary file logs.

Martin Roesch roesch at ...421...
Thu Mar 22 00:59:23 EST 2001


It will create chaos.  IF you want to do that, we need to change some
code to get it to append to the file instead of overwriting it. 
Alternatively, you can use tcpslice to concatenate tcpdump files in a
post-processing manner...

     -Marty


"Scott A. McIntyre" wrote:
> 
> Hi,
> 
> Would there be a problem with coercing snort into writing it's binary
> logs to the same file, hopefully appending, rather than creating a new
> file for each hour/minute/day/month?
> 
> Specifically, for example, I'd like just a day/month log file, or maybe
> even just a "hostname" log -- will this create chaos in the universe or
> will it Do The Thing I'd Like To Be The Right Thing?
> 
> Thanks,
> 
> Scott
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users

--
Martin Roesch
roesch at ...421...
http://www.snort.org




More information about the Snort-users mailing list