[Snort-users] -l parameter

Chris Keladis chris at ...6400...
Mon Dec 8 16:14:06 EST 2003


At 10:27 PM 8/12/2003 +0100, Dirk Geschke wrote:

> > afford to log to disk.  I have no output options logging locally.
> > Just 1 line in snort.conf for output:
> >
> > output database: alert, mysql, user=zzz password=zzz dbname=zzz
> > host=zzz sensor_name=zzz
>
>I guess all you need is the option "-N". You still need a log
>directory for snort but it won't be used. But all alerts will
>be send to the database via the output plugin.

Hrrmm.. I use -N and -l (that's L) with unified output, and i still get 
logs to the 'alert' file.

I haven't looked into it, but it always had me wondering why?




Regards,

Chris.






More information about the Snort-users mailing list