[Snort-users] Snort does not handle alert file being turned over.

Ian Macdonald secsnort at ...5528...
Wed Aug 21 19:55:03 EDT 2002


Does that work when logging in tcpdump format as well?

thanks

On Sun, 18 Aug 2002, Robert D Hughes wrote:

> You need to instruct newsyslog to send a HUP to snort. man newsyslog for more detailed information.
>
> 	-----Original Message-----
> 	From: SW [mailto:samwun at ...6596...]
> 	Sent: Sun 8/18/2002 2:51 AM
> 	To: snort-users at lists.sourceforge.net
> 	Cc:
> 	Subject: [Snort-users] Snort does not handle alert file being turned over.
>
>
>
> 	Hi,
>
> 	I don't know whether this is truth or not. Snort 1.8 doesn't handle the alert file being turned over.
> 	The file is modied by newsyslogd.
>
> 	Is there another way to turn over the aler file? or I can still use newsyslogd to turn over the snort alert file?
>
> 	Thanks
> 	Sam
>
> 	N����������uH����j���u���������y���������������
>
> �������������������������������������������+,������X���'���u��9 ��8�y�������W\zYi����g�jw����~��DA���i����
��za�x���&�����������
���}�
{�}�������������������������������������Jz+���z�&j)b�	b�����������b������q������F��-�+D�hr����z�)�*'���������m����l�����l��.�����
�w��X������b��?�z+���z������
��b���r�{�m����
0��r�����r����b����i��b������

>





More information about the Snort-users mailing list