[Snort-users] alert

Chris Green cmg at ...671...
Tue Oct 16 12:21:13 EDT 2001


"snortlst snortlst" <snortlst at ...125...> writes:

> Snort logs everything in /var/log/snort
> I see there an alert file and directories with an IP-address naming convention.
> (NDIS mode)
> Is it correct to say that ALL alerts are put into the alert file and I
> shouldn't browse all those directories?
> What are those directories (IP addresses) for?

Decoded packet dumps.  Will add this to the documentation.
-- 
Chris Green <cmg at ...671...>
This is my signature. There are many like it but this one is mine.



