[Snort-users] Update -> Logging question

Ralf Hildebrandt Ralf.Hildebrandt at ...3909...
Tue Nov 20 05:37:03 EST 2001


I have a logging question after upgrading my snort.conf (I have been using
an old snort.conf, but decided to throw out the old junk).

I used to use logging of alerts to syslog and packet traces in tcpdump
format to a file.

I'd like to log the alerts to a plain text file instead of using the extra
overhead of using syslog, and keep the packet traces in the binary tcpdump
format file. 

Ralf Hildebrandt                            Tel.  +49 (0)30-450 570-155
                                            Fax.  +49 (0)30-450 570-916
Sendmail: Shiva as a postman. Many arms delivering mail, dancing,
taking drugs, destroying as it sees fit. Often makes creative changes
to the mail for kicks, but ultimately can be persuaded to do anything
with the right incantation...and that includes giving you other
people's mail.  

More information about the Snort-users mailing list