[Snort-users] Alert file exceeds 2GB
halljer at ...8709...
Thu Apr 17 09:30:08 EDT 2003
The problem that I'm running into is importing a snort log file in
tcpdump format into a mysql db using snort. While importing this log
the alert file grows to the filesystem 2GB limit and then exits. My
question is why does it write to the alert file when I'm importing into
mysql. The snort.conf file that I'm using only has this for the output
output database: log, mysql, user=***** password=***** dbname=snort
Command line syntax:
/usr/local/bin/snort -dve -c /usr/local/snort/etc/snort.conf -l
/usr/local/snort_logs/tcplogs/snort-0417\@0000.log &> /dev/null
Any advise would be greatly appreciated.
More information about the Snort-users