[Snort-users] Socket Alerts

Fyodor fygrave at ...121...
Tue Feb 5 05:05:07 EST 2002


Daniel J Camero <camero at ...4857...> spoke:
> Hi,
> I am trying to set up snort in such a way that I can read the alerts
> through a unix socket.  When I run it with the -A unsock option an
> error is generated about the file not existing (/dev/snort_alert).  I

it is just a warning, when snort is started your 'daemon' program should
already be running :-)

> can't seem to find any documentation on how to run the system with
> alerts coming over the sockets.  Thanks for the help.


see README.UNSOCK in snort's tarball.




More information about the Snort-users mailing list