[Snort-users] Question on /var/log/snort directory
mkettler at ...4108...
Tue Apr 29 14:55:03 EDT 2003
Those files will contain ASCII packet dumps of packets that triggered
alerts. You can make snort use the much faster tcpdump binary format for
these dumps by enabling "log tcpdump" in your snort.conf.
At 04:46 PM 4/29/2003 -0400, stormshadow wrote:
>I was hoping someone could explain some things to me about this
>I have 4 subdirectories (named after the 4 computers' IPs in my LAN) in
>the /var/log/snort directory. Within each directory is something
>similar to this stuff:
>the list goes on and on for each IP. Any ideas?