[Snort-users] Logfile Problem

kai.hanisch at ...2897... kai.hanisch at ...2897...
Tue May 7 05:37:04 EDT 2002


Hi all,

I've got a problem with the logfiles. In syslog it says: 

> May  7 06:25:06 debian snort: FATAL ERROR: ERROR in OpenAlertFile() => 
fopen() alert file /var/log/snort/alert: Permission denied

The strange thing is, snort actually DOES log to /var/log/snort/alert, but 
it seems to have problems writing to portscan.log, although it recreates 
the file every day...
This is how I am running snort:

> root     22330  0.3  4.5  7384 5720 ?        S    May03  20:18 
/usr/local/bin/snort -D -d -i eth0 -l /var/log/snort -h 130.143.147.0/22 
-c /root/rules/snort.conf

All files in /var/log/snort have permissions 600 and belong to root:root.

Thanks for any help

Kai
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20020507/1a50f7dd/attachment.html>


More information about the Snort-users mailing list