[Snort-users] snort 1.8.6 + OpenBSD 3.2-stabl

larc larc at ...1187...
Mon Dec 9 02:57:02 EST 2002


Well the best tip that I can give is, go to www.snort.org and download snort 1.9
Version 1.8.6 is really old and there are no signatures for it anymore.

Stefan D.

 Darren <darren at ...7695...> wrote:
Hello snort-users,
>After spending all afternoon on this, I need some tips.
>I am using OpenBSD 3.2-stable and snort 1.8.6 compiles from ports.
>I can't get snort to write csv output.  Is this a known issue or
>am I doing something wrong?
>output alert_syslog: LOG_AUTH LOG_ALERT
>output csv: /var/log/snort/snort.log msg,proto,timestamp,src,srcport,dst,dstport
>-bash-2.05b$ ls -ld /var/log/snort
>drwxr-xr-x  2 snort  snort  512 Dec  8 17:31 /var/log/snort
>-bash-2.05b$ ls -l /var/log/snort/snort.log
>-rw-r--r--  1 snort  snort  0 Dec  8 17:31 /var/log/snort/snort.log
>I have to launch snort like this so it writes into /var/log/snort/
># snort -v -u snort -g snort -l /var/log/snort -D
>-bash-2.05b$ ps auxw | grep snort
>snort    21995 31.8  0.0   664   644 ??  Ss     5:38PM    0:14.62 snort -v -u snort -g snort -l /var/log/snort -D
>Interestingly without the -l option it won't write there, but this
>is less important.
>I'd like syslog and csv output.
>Snort was build like this
># cd /usr/ports/net/snort
># make install
>-bash-2.05b$ grep LOG_AUTH /usr/include/syslog.h
>#define LOG_AUTH        (4 Snort! 

More information about the Snort-users mailing list