[Snort-users] loghog question

Matthew Harrell mhar at ...7038...
Mon Oct 7 10:01:03 EDT 2002


Not sure if this is an appropriate list for a loghog question, but I can't
find any online resources for issues with loghog (other than e-mailing the
author).

I'm running Snort 1.8.7 on Mandrake Linux 9.0 with loghog 0.1.

I have several entries in my loghog "ignore_hosts" file.  One node is
giving me constant false alarms, and I'm trying to get loghog to quit
sending me e-mails about it.  However, even with the entry in ignore_hosts,
I'm still getting the e-mails.  I've killed and restarted loghog, but I'm
still getting those darn e-mails.  Any suggestions from other loghog users?

-----------------
Matt Harrell
Plexus Systems
mhar at ...7038...






More information about the Snort-users mailing list