[Snort-users] (no subject)

Wayne T Work securitygauntlet at ...3130...
Tue Sep 24 15:04:04 EDT 2002


The log search issue is performed by using the command "grep" or utilizing a
log viewer. Ya can get plenty of those at www.linux.org under Applications.
  -----Original Message-----
  From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Roger Parx
  Sent: Tuesday, September 24, 2002 5:25 PM
  To: snort-users at lists.sourceforge.net
  Subject: [Snort-users] (no subject)


  Hi
    I am new to Snort and have a few nagging questions for the merciful
person who can spare time to reply to this message.

  1) I set Snort1.8 to run on a Redhat linux7.2 based machine over the
week-end and found snort halted on monday with the following message on
screen: Received signal 3, exiting.
  Is that a default timeout programmed into snort to prevent it from running
for prolonged time?
  How is it different from the "Received signal 2, exiting" signal that we
get when we exit snort using Ctrl+C.


  2) How can I search the content of multiple log files/folders
simultaneously for a string?
  For example after I have logged sufficient traffic using the command:
snort -dev ./snortlog
  ( snortlog is the folder I want to log the traffic in )
  how can I search through the traffic of a range of ip addresses, which are
saved in folders (named after the ip addresses)

  Thank you

  Roger
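
An added example, not part of the original thread: one way to apply the grep suggestion to the layout described in question 2, assuming one folder per IP address under the log directory. The function names `ip_to_int`, `search_snort_logs` and `make_sample_tree` are hypothetical, and the sample tree is constructed rather than real Snort output.

```shell
#!/bin/sh
# Search per-IP log folders for a literal string, limited to an inclusive
# IPv4 range. Assumes folders are named after dotted-quad addresses.

# ip_to_int A.B.C.D -> prints the address as an integer; returns 1 if invalid.
ip_to_int() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|"") return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac   # no leading zeros
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# search_snort_logs LOGDIR STRING FIRST_IP LAST_IP
# Prints file:line:text for each hit. Returns 0 on a hit, 1 on none, 2 on bad range.
search_snort_logs() {
    logdir=$1; needle=$2
    lo=$(ip_to_int "$3") && hi=$(ip_to_int "$4") || return 2
    found=1
    for dir in "$logdir"/*; do
        [ -d "$dir" ] || continue                  # skip plain files
        n=$(ip_to_int "$(basename "$dir")") || continue   # skip non-IP folders
        [ "$n" -ge "$lo" ] && [ "$n" -le "$hi" ] || continue
        # -r recurse, -F literal string (no regex), -n line numbers
        grep -rFn -- "$needle" "$dir" && found=0
    done
    return "$found"
}

# Constructed sample tree for trying the function; prints its path.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir "$root/10.0.0.5" "$root/10.0.0.9" "$root/192.168.1.7"
    echo 'USER anonymous' > "$root/10.0.0.5/TCP_1042-21"
    echo 'USER alice'     > "$root/10.0.0.9/TCP_1043-21"
    echo 'USER anonymous' > "$root/192.168.1.7/TCP_2001-21"
    echo 'USER anonymous' > "$root/alert"          # top-level file, not searched
    echo "$root"
}
```

Example call: `search_snort_logs ./snortlog "USER anonymous" 10.0.0.1 10.0.0.254`.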



