[Snort-users] -l parameter

adam_peterson at ...10608... adam_peterson at ...10608...
Tue Dec 9 16:26:01 EST 2003


Thanks to John and Michael's advice, I've removed the -N parameter from 
the Snort command line so it will indeed log to a directory in case I lose 
communication with my db.  I'm executing these commands in crontab:

3 16 * * * find /var/log/snort -atime +7 -exec rm -rf {} \;
4 16 * * * mkdir /var/log/snort

The mkdir was necessary because "rm -rf" removes the snort directory.  Is 
it possible to avoid this?  Thanks again for the advice from both of you.

Adam Peterson | Senior WAN Engineer | SPL WorldGroup | 
adam_peterson at ...10608... | +1.415.357.4787
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20031209/37cdae1a/attachment.html>


More information about the Snort-users mailing list