[Snort-users] -l parameter

twig les twigles at ...131...
Tue Dec 9 16:44:04 EST 2003

I'm executing these commands in
> crontab:
> 3 16 * * * find /var/log/snort -atime +7 -exec rm -rf {} \;
> 4 16 * * * mkdir /var/log/snort
> The mkdir was necessary because "rm -rf" removes the snort
> directory.  Is 
> it possible to avoid this?  Thanks again for the advice from
> both of you.

Well you could erase things *inside* the directory, which it
looks like that command does.  I'd have to tinker with it, no
time.  But as an alternative have you tried newsyslog (man 8
newsyslog)?  If you don't get into the ISO 8601 time formatting
garbage it should take you about 5 minutes to set up log
rotation.  If you get into the ISO 8601 hooha it should take 10.

Do you Yahoo!?
Protect your identity with Yahoo! Mail AddressGuard

More information about the Snort-users mailing list