[Snort-users] Output plugin name?

Fabrice fabrice at ...1224...
Tue Sep 25 17:02:03 EDT 2001


Hello,

What's the output plugin name (for the snort.conf file)
that is equivalent to logging alerts with a directory per
IP address?

Because "alert_fast" and "alert_full" work only for a
single file like "snort.log", not on a directory.

The objective is to have the "standard" logging (the
one that groups alerts per IP address using directories),
the syslog and the "all in one file" alert work together.

Thanks for your answers,

Fabrice
