[Snort-users] Offtopic - Snort packet stats

BShinn at ...4086... BShinn at ...4086...
Thu May 16 19:38:01 EDT 2002


Sending SIGUSER1 to snort will dump the stats to syslog while the program
continues to run.

While I am still learning how to do this...

If one were to write a script that grabs the pid from snort, either from a
pid file or from a grep of ps -A , then send kill -10 to that pid, snort
will dump the running stats to syslog (/var/log/messages on my RH 7.2)....

I also tried piping the output to a file as you did, but since it always
dumps it to the syslog, not the terminal, I am thinking I need to parse that
some how. 

-----Original Message-----
From: bthaler at ...2720... [mailto:bthaler at ...2720...] 
Sent: Thursday, May 16, 2002 3:30 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Offtopic - Snort packet stats

Sorry if this is a bit off topic, but:

I'm using kill -30 on my OBSD-3.0 system to view the packet stats that snort
generates.  I would like take this output and mail it to an email address,
but I'm having no luck.  Here is what I have tried so far:

kill -30 xxxx | mail -s "Snort Packet Stats" email at ...5892...
kill -30 xxxx > snortstat.txt
kill -30 xxxx | tee snortstat.txt

Funny thing is, these work fine for sending other commands to a file or
such, but not "kill" for some reason.






Sincerely,

Brad T.


_______________________________________________________________

Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: bandwidth at ...382...
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list