[Snort-users] how do I stop snort logging to /var/log/snort a nd only the database?
Emelander at ...3910...
Sat Oct 27 13:12:33 EDT 2001
I have removed that line in the past without any success. The reason it is
there so my normal log monitoring programs can page me out when certain
events occur. Thanks for the suggestion though!
From: Martijn Heemels [mailto:martijn at ...1736...]
Sent: Saturday, October 27, 2001 3:05 PM
To: Erik Melander; snort-users at lists.sourceforge.net
Subject: RE: [Snort-users] how do I stop snort logging to /var/log/snort
and only the databa se?
-----BEGIN PGP SIGNED MESSAGE-----
isn't that simply a matter of removing the first output line you're
using so that only the database output remains?
I'm not entirely sure, since I'm not logging to a db.
Hope this helps,
> output alert_syslog: LOG_AUTH LOG_ALERT LOG_PID
> output database: alert, mysql, user=XXXXXX password=XXXXXX
> dbname=snort host=localhost sensor_name=XXXXXX
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
-----END PGP SIGNATURE-----
More information about the Snort-users