[Snort-users] Output Plugin - log_ascii

Frank Knobbe fknobbe at ...652...
Tue Dec 3 09:56:04 EST 2002


On Tue, 2002-12-03 at 10:49, L. Christopher Luther wrote:
> In previous posts regarding logging output, it was noted by some that
> Snort apparently has an undocumented output plugin called
> "log_ascii", which is the default logging facility if none other is
> specified.  And supposedly one can add the option "output log_ascii"
> to the snort.conf file to re-enable the ASCII logging facility along
> side other logging facilities (e.g., output database: log, ...).  
> 
> However, when I specify this plugin in my snort.conf file, both Snort
> 1.8.6 and 1.8.7 return the following warning when started:  
> 
>     *WARNING*: unknown output plugin "log_ascii", ignoring!
> 
> Is this output plugin something new to Snort 1.9.x or something else?


Christopher,

I'm not aware of a 'log_ascii' plugin in Snort 1.8.x. I get all the app
layer info in ascii format by using 'alert_full' and specifying the
'Dump Application Layer' option in the command line (I think it is -d).

Hope this helps,
Frank

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20021203/da68deba/attachment.sig>


More information about the Snort-users mailing list