[Snort-users] (spp_portscan2) lines in alert file

Julio E. Gonzalez P. jegp at ...8756...
Thu Apr 3 06:23:38 EST 2003


How can I make Snort (2.0.0rc2) to NOT put any line about port scannings 
(spp_portscan2 lines) in the alert file (/var/log/snort/alert) and put 
that info ONLY in the file /var/log/snort/scan.log  ?

I want to clean up my alert file, but also want to know about the port 
scannings.

Thanks.
Julio.






More information about the Snort-users mailing list