[Snort-users] snort + aris

Andreas Hasenack andreas at ...814...
Tue May 15 11:31:05 EDT 2001


Em Tue, May 15, 2001 at 07:52:43AM -0700, Ron 'The InSaNe One' Rosson escreveu:
> So there is no command line or config file for snort that will allow it
> to keep logging to a database while creating an alert file for aris's
> extractor to use.  It got to be something simple that we are missing.

Use two output directives in snort.conf. One for database logging, other for,
say, syslog logging, or tcpdump logging. You'll have both.





More information about the Snort-users mailing list