[Snort-users] one other item

Slighter, Tim tslighter at ...5174...
Mon Apr 28 10:06:05 EDT 2003


with snort-inline + mysql.  It appears that all sessions are logged, very
similar to the session being "tagged" and these show up in the
/var/log/snort directory according to intruder IP

Change the mysql line in snort.conf from "log" to "alert" and also run the
snort-inline daemon with -o and the behavior becomes:

intruder IP address is no longer logged but victim IP is

have not yet found a way to prevent any session logging

everything still shows up in mysql
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20030428/f5d54e3d/attachment.html>


More information about the Snort-users mailing list