[Snort-users] alert file, database output?!?!

Erek Adams erek at ...950...
Thu Jan 16 07:23:09 EST 2003


On Thu, 16 Jan 2003, Federico Lombardo wrote:

> I've already checked  mailing list.

Oh, really?  Hrm....

> The problem is that logging rules described in my snort.conf send all to a
> database, I don't mentione about an alert file, so It's strange that snort
> logs to a database for normal alerts, and for bad traffic evasion and
> insertion alert to a file, doesn't it ?

Nope.  It's the difference in alert vs. log.  Have a look [0].

-----
Erek Adams

   "When things get weird, the weird turn pro."   H.S. Thompson


[0]	http://marc.theaimsgroup.com/?l=snort-users&m=101206451617790&w=2
	http://www.theadamsfamily.net/~erek/snort/logging_methods.txt




More information about the Snort-users mailing list