    find /var/log/snort -atime +7 -type f -exec rm -rf {} \;

instead of

    find /var/log/snort -atime +7 -exec rm -rf {} \;

The -type f lists just files, not directories

Thanks to John and Michael's advice, I've removed the -N parameter from the
Snort command line so it will indeed log to a directory in case I lose
communication with my db.  I'm executing these commands in crontab:

3 16 * * * find /var/log/snort -atime +7 -exec rm -rf {} \;
4 16 * * * mkdir /var/log/snort

The mkdir was necessary because "rm -rf" removes the snort directory.  Is it
possible to avoid this?  Thanks again for the advice from both of you.

Adam Peterson | Senior WAN Engineer | SPL WorldGroup |
adam_peterson at ...10608... | +1.415.357.4787

