[Snort-users] how do I stop snort logging to /var/log/snort a nd only the database?

Erik Melander Emelander at ...3910...
Sat Oct 27 13:12:33 EDT 2001


I have removed that line in the past without any success.  The reason it is
there so my normal log monitoring programs can page me out when certain
events occur.  Thanks for the suggestion though!

-----Original Message-----
From: Martijn Heemels [mailto:martijn at ...1736...]
Sent: Saturday, October 27, 2001 3:05 PM
To: Erik Melander; snort-users at lists.sourceforge.net
Subject: RE: [Snort-users] how do I stop snort logging to /var/log/snort
and only the databa se?


 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Erik,

isn't that simply a matter of removing the first output line you're
using so that only the database output remains?
I'm not entirely sure, since I'm not logging to a db.

Hope this helps,
Martijn

> output alert_syslog: LOG_AUTH LOG_ALERT LOG_PID
> output database: alert, mysql, user=XXXXXX password=XXXXXX
> dbname=snort host=localhost sensor_name=XXXXXX

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO9sTaBLMC0rbivl4EQJQZQCgxsrATq1wuEi0dSHmKtbMKCn9GmQAoP8Q
qdZ5N5RK1Iu2OXT97mPXAxrz
=Vv6o
-----END PGP SIGNATURE-----




More information about the Snort-users mailing list