[Snort-users] Same question again..

Erek Adams erek at ...577...
Sat May 25 11:55:03 EDT 2002


On Thu, 23 May 2002, C Boss wrote:

> Guys, help me out here please. This is the second time I have put out this
> question. Is the question plain stupid or do you need more information.
> Please let me know.
>
> "I want to log in a binary format and thus am using the -b option. I am also
> logging all alerts to syslog. So I have something like LOG_LOCAL7 LOG_ALERTS
> in the snort.conf file.
>
> The problem is that if I use the -b oprion with Snort, I don't see any
> alerts in the syslog.
>
> Do the two don't work together ?"


Actually, you can answer your own question.

Ever see the phrase "Command line options override....."?  Snort is telling
you that if you put something in the .conf file it's overriden by using a
command line option.

Use John Sages' suggestions and move it all into the .conf file.  It'll work.
:)

Cheers!

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net





More information about the Snort-users mailing list