[Snort-users] Output Plugin - log_ascii
fknobbe at ...652...
Tue Dec 3 09:56:04 EST 2002
On Tue, 2002-12-03 at 10:49, L. Christopher Luther wrote:
> In previous posts regarding logging output, it was noted by some that
> Snort apparently has an undocumented output plugin called
> "log_ascii", which is the default logging facility if none other is
> specified. And supposedly one can add the option "output log_ascii"
> to the snort.conf file to re-enable the ASCII logging facility along
> side other logging facilities (e.g., output database: log, ...).
> However, when I specify this plugin in my snort.conf file, both Snort
> 1.8.6 and 1.8.7 return the following warning when started:
> *WARNING*: unknown output plugin "log_ascii", ignoring!
> Is this output plugin something new to Snort 1.9.x or something else?
I'm not aware of a 'log_ascii' plugin in Snort 1.8.x. I get all the app
layer info in ascii format by using 'alert_full' and specifying the
'Dump Application Layer' option in the command line (I think it is -d).
Hope this helps,
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 307 bytes
Desc: This is a digitally signed message part
More information about the Snort-users