[Snort-users] Confused about Fatal Error
ed at ...3483...
Fri Sep 13 10:00:02 EDT 2002
I have Snort ver 1.8.7 running on a RH 7.2 machine using Mysql and running
From the init script:
daemon /usr/local/bin/snort -u snort -D -c /etc/snort/snort.conf
output database: alert, mysql, user=snort password=XXXXX dbname=snort
It's been running fine until the last day or so when I started getting:
snort: FATAL ERROR: ERROR: OpenLogFile() =>
mkdir(/var/log/snort/220.127.116.11) log directory: Permission denied
I changed /var/log/snort to snort.snort and 700 but it continues.
My first question is if I am using Mysql, why does it still write the ip logs?
Secondly, if I start it as snort, why does it write the ip logs as rppt.bin?
drwx------ 2 root bin 4096 Sep 10 13:37 18.104.22.168
Thanks in advance for any advice...
Los Angeles, CA
. . . . . . . .
Conscience is the inner voice warning us that someone may be looking.
More information about the Snort-users