[Snort-users] rotating logs?
erek at ...577...
Mon Sep 23 11:26:02 EDT 2002
On Mon, 23 Sep 2002, /dev/null wrote:
> We'd like to have our binary snort log rotate out every 24 hours without
> interupting snort. This way we can store a month (or more) of network
> activity to post-analize activity if we see something suspicious and
> want to back-track.
> What would be an easy way to copy the current log out and re-start it
> without losing any data?
Send Snort a SIGHUP. Snort will drop restart and close all open files. Once
it closes the binary file have a scipt move the old log to another name or
More information about the Snort-users