[Snort-users] unix time appended to snort log

Steven Wo mrvinci at ...131...
Fri Jan 10 10:59:07 EST 2003


Hmmm. I guess it sounds like it isn't possible to drop
the unix time being appended to the log files if I'm
using the -l and -L flags. I have multiple interfaces
and a specific naming scheme... Oh well, thanks!

Steven

--- "Gonzalez, Albert" <albert.gonzalez at ...7950...>
wrote:
> If you want to just log to /var/log/snort/alert 
> 
> that is the default logging mechanism... so just
> drop -l and -L .....
> 
> Cheers!
> 
> Alberto Gonzalez
> Intrusion Detection Systems - GSOC
> Security and Privacy Professional Services
> 
> 
> 
> 
> 
> -----Original Message-----
> From: Steven Wo [mailto:mrvinci at ...131...]
> Sent: Wednesday, January 08, 2003 5:55 PM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] unix time appended to snort
> log
> 
> 
> Hi guys,
> 
> I am currently running snort 1.9.0 on the latest
> FreeBSD stable. Snort 1.9.0 outputs log files in the
> following format: name.unix time. 
> 
> For example: at the command line, I type "snort -i
> <interface> -l /var/log/snort/<interface> -L
> example"
> The log files will then be named
> "example.1042063205"
> 
> Question: Is there a way to have snort NOT append
> the
> log file with unix time? As it formally did in snort
> 1.8.6? If not, is this planned functionality?
> 
> Thanks!
> Steven
> 
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up
> now.
> http://mailplus.yahoo.com
> 
> 
>
-------------------------------------------------------
> This SF.NET email is sponsored by:
> SourceForge Enterprise Edition + IBM + LinuxWorld =
> Something 2 See!
> http://www.vasoftware.com
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or
> unsubscribe:
>
https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
>
http://www.geocrawler.com/redir-sf.php3?list=snort-users


__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com




More information about the Snort-users mailing list