[Snort-users] RE: Win users - HELP

L. Christopher Luther CLuther at ...6333...
Mon Jan 13 11:28:01 EST 2003


You cannot mix command line output parameters (e.g., -A fast, -b, -s, etc.)
with output parameters in the snort.conf file (e.g., ); the command line
parameters will override those in the snort.conf file.  It is my
understanding that this functionality is by design.

If you want to log alert data to a CSV file, drop the output command line
parameter '-s localhost' and only specify the CSV output plugin in the
snort.conf file:  

    output CSV: C:\snort\log\alert.csv default  

The plugin requires two arguments: a full pathname to a file and the output
formatting option.  The output formatting option of 'default' will capture
all alert data.  Check out the Snort docs for more information.

Hope this helps.  


-----Original Message-----
From: Sh J [mailto:shay_work at ...131...]
Sent: Saturday, January 11, 2003 5:54 PM
To: L. Christopher Luther
Subject: RE: Win users - HELP

Hello Christopher, 

Nice to write you, thanks for the answer.
I'm using the compiled version Snort-1.9.0-win32.exe and I managed to log alerts
to a log file (packet logger, -l ./log) and to a syslog file (-s localhost) on local

Hope that helps you. Thanks anyway.

 "L. Christopher Luther" <CLuther at ...6333...> wrote: 


Can you be a little more specific:  

Where did you get the distro of Snort?  

Was it precompiled?  

You say you're getting alerts, how do you know?  Are you also logging
somewhere else, and if so, how?  



-----Original Message----- 
Date: Fri, 10 Jan 2003 05:26:29 -0800 (PST) 
From: Sh J <shay_work at ...131...> 
To: Snort-users at lists.sourceforge.net 
Subject: [Snort-users] Win users - HELP 
Content-Type: text/plain; charset=us-ascii 

Hello you all,

I really need you all, Win users. I'm running Snort 1.9 on Win2000, all OK, until
I tried to log all the alerts to a CSV file: nothing is written into the file and I get
Does anyone have an idea? Do I need to install something or is it already built
in the

Does someone manage to do that?

And what about SNMP traps with Windows?

Any help will do, thanks.
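
The override described in the reply at the top of this thread can be checked before Snort is started. The following is an added example, not part of the original thread and not Snort's own code: a Python check that reports `output` directives in snort.conf that will be overridden because the command line also carries one of the output switches named in the reply (-A, -b, -s). The sample command line, the snort.conf path and the function names are constructed for illustration.

```python
import shlex

# Output switches named in the thread. Assumption: -A and -s are followed by a
# value, as in the thread's "-A fast" and "-s localhost"; -b stands alone.
CLI_OUTPUT_FLAGS = {"-A": True, "-s": True, "-b": False}

def cli_output_flags(command_line):
    """Return the output switches (with their value) on a Snort command line."""
    tokens = shlex.split(command_line, posix=False)  # keeps Windows backslashes
    found = []
    for i, tok in enumerate(tokens):
        if tok not in CLI_OUTPUT_FLAGS:
            continue
        nxt = tokens[i + 1] if i + 1 < len(tokens) else ""
        has_value = CLI_OUTPUT_FLAGS[tok] and nxt and not nxt.startswith("-")
        found.append(f"{tok} {nxt}" if has_value else tok)
    return found

def conf_output_plugins(conf_text):
    """Return (line_no, plugin, args) for each active 'output' directive."""
    plugins = []
    for n, raw in enumerate(conf_text.splitlines(), 1):
        parts = raw.split("#", 1)[0].split(None, 1)  # drop comments, split keyword
        if len(parts) == 2 and parts[0] == "output":
            name, _, args = parts[1].partition(":")
            plugins.append((n, name.strip(), args.strip()))
    return plugins

def check(command_line, conf_text):
    """List the snort.conf output plugins that the command line will override."""
    flags = cli_output_flags(command_line)
    findings = []
    for n, name, args in conf_output_plugins(conf_text):
        if flags:
            findings.append(f"snort.conf:{n}: output {name} overridden by {', '.join(flags)}")
        if name == "CSV" and len(args.split()) < 2:
            findings.append(f"snort.conf:{n}: CSV needs a file path and a format option")
    return findings

# Constructed sample input (the snort.conf path is made up for the example).
SAMPLE_CMD = r"snort -c C:\snort\etc\snort.conf -l ./log -s localhost"
SAMPLE_CONF = r"""# constructed snort.conf fragment
output CSV: C:\snort\log\alert.csv default
"""

if __name__ == "__main__":
    for finding in check(SAMPLE_CMD, SAMPLE_CONF):
        print(finding)
```

Dropping `-s localhost` from the sample command line, as the reply suggests, makes `check` return an empty list.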
