[Snort-users] Some Events are not logging to the snort logs.

Josh Lutz jlutz at ...4503...
Tue Jan 8 12:33:16 EST 2002

I check /var/log/authlog and I see attempts by the Code Red II worm
testing my perimeter (coming in, not going out.) However, when I look at
the snort logs, I do not see any record of the attempt. As I understand
it, my snort log should capture these attempts and send an alert. As a
new user to Snort, I am uncertain at best, but to aid any one assisting
me, I am starting snort via the following cmd line:
[path to snort]/snort -i xl1 -d -c [path to snort.conf] -l
/home/snort/ext_log -s -b -D
Any help would be greatly appreciated.
Joshua Lutz
Network Engineer, ESI Enterprises, Inc.
1188 Centre Street
Newton Centre MA 02459
p. 617.527.4343 x107
f. 617.527.3303
e. jlutz at ...4501...

More information about the Snort-users mailing list