[Snort-users] snort logs

Ilya mail at ...3442...
Sun Sep 16 15:52:01 EDT 2001


thanks guys for help with starting the snort. on reading FAQ i see this: In
the past, running Snort in daemon mode (-D) produced a file named
   "snort.alert".  For consistency sake, this has been changed. Running
   Snort in both standard or daemon modes (-D) will produce a file named
   "alert".


but i still have snort.alert in my logging folder. its in some cryptic
format, so several questions arise:
        1) why do I have snort.alert and alert files?
        2) how do i read snort.alert or say snort.log
        3) what information is kept in snort.log ? (since its unredable to
human eye)
        4) also though i nmap scanned mysql from remote locations several
times portscan.log is still empty ...





More information about the Snort-users mailing list