[Snort-users] how do I stop snort logging to /var/log/snort and only the database?

Jesus Couto jesus.couto at ...3830...
Tue Oct 30 08:56:02 EST 2001


Hi,

What I'm doing is to run snort as a non root user, chrooting it
to a directory, and enabling the log_tcpdump output pluging
to log to a null device on that directory, giving it the full path
of the null device.

With this configuration you dont get any text log in any directories,
but you cant restart Snort in daemon mode.

Just a few days ago I asked to the list if there is a better way to
do this, but nobody has answered yet :-(

Good luck,
          
                                                               Jesús 
Couto F.






More information about the Snort-users mailing list