cmg at ...671...
Tue Oct 16 12:21:13 EDT 2001
"snortlst snortlst" <snortlst at ...125...> writes:
> Snorts log everything in /var/log/snort
> I see there alert file and directopries with ip addresses naming convention.
> (NDIS mode)
> Is that correct to say that ALL alerts are put into alert file and I
> shouldn't browse all those directories?
> What those directories (ip addresses) are for?
Decoded packet dumps. Will add this to the documentation.
Chris Green <cmg at ...671...>
This is my signature. There are many like it but this one is mine.
More information about the Snort-users