[Snort-users] Restarting Snort Loses Logs

Phil Wood cpw at ...440...
Tue Mar 26 13:26:12 EST 2002


Try using -L `date x'+%y%m%d%H%M'`.log on the assumption that command line
arguments will override your conf file.

  x would be a unique instance mnumonic.

On Tue, Mar 26, 2002 at 12:07:19PM -0800, Uriah Hagen wrote:
> When I restart Snort the original binary log file disappears and the new 
> log file is created, any ideas here?
> 
> Snort Version 1.8.4 (Build 99), Solaris 7.
> 
> /usr/local/snort/bin/snort -c /usr/local/snort/rules/snort.conf  -i hme1 -o -D
> 
> # Configure output plugins
> #
> #
> 
> output log_tcpdump: snort.log
> 
> output alert_fast: alert
> 
> 
> I am running two instances of snort, one for each interface.  They are 
> configured identically.  I used to have each use a separate config file and 
> logging to its own log.  But not anymore.
> 
> 
> _________________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com
> 
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

-- 
Phil Wood, cpw at ...440...





More information about the Snort-users mailing list