[Snort-users] "File size limit exceeded" message...

Peter Bates peter.bates at ...79...
Wed Sep 19 03:36:10 EDT 2001

Hello all...

Snort 1.8.1 on Linux (fairly stock RH 7.1),
logging to MySQL with ACID...

I made the mistake today of tinkering with the
configuration, when all was running smoothly...

Now it doesn't start up in the background,
so I tried running it in the foreground, and get:

Rule application order: ->pass->activation->dynamic->alert->log

         --== Initialization Complete ==--

-*> Snort! <*-
Version 1.8.1-RELEASE (Build 74)
By Martin Roesch (roesch at ...1935..., www.snort.org)
File size limit exceeded

... err??? Anyone any idea what this message means?

Ohh... I'm also logging to syslog and to a file
in /var/log/snort, as well...

du -sh /var/log/snort/*
37M     /var/log/snort/alert
44M     /var/log/snort/portscan.log

naturally the log-files have sort of, well, got a bit
bigger with the arrival of first Code Red, and then Nimda... :)

More information about the Snort-users mailing list