[Snort-users] snort logs
mail at ...3442...
Sun Sep 16 15:52:01 EDT 2001
thanks guys for help with starting the snort. on reading FAQ i see this: In
the past, running Snort in daemon mode (-D) produced a file named
"snort.alert". For consistency sake, this has been changed. Running
Snort in both standard or daemon modes (-D) will produce a file named
but i still have snort.alert in my logging folder. its in some cryptic
format, so several questions arise:
1) why do I have snort.alert and alert files?
2) how do i read snort.alert or say snort.log
3) what information is kept in snort.log ? (since its unredable to
4) also though i nmap scanned mysql from remote locations several
times portscan.log is still empty ...
More information about the Snort-users