[Snort-users] alert

snortlst snortlst snortlst at ...125...
Tue Oct 16 11:20:20 EDT 2001

Snorts log everything in /var/log/snort
I see there alert file and directopries with ip addresses naming convention.
(NDIS mode)
Is that correct to say that ALL alerts are put into alert file and I
shouldn't browse all those directories?
What those directories (ip addresses) are for?

More information about the Snort-users mailing list