[Snort-users] rotate alert cache

Kerry Cox kerry.cox at ...9602...
Thu Jul 3 17:55:03 EDT 2003


Quick question, does anyone know of or have a simple script for rotating
out the /var/log/snort/alert file periodically? I'm sure it would be a
simple matter to write this, but why re-invent the wheel? 
I'd like to be able to append a .1 or .2 to the end of each rotated file
for archival purposes, much as the messages and secure files are rotated
out. I'd add the alert file to the regular rotation of these as well,
but want to make certain it works without killing the running Snort
process.
Thanks much.
KJ

-- 
Kerry Cox <kerry.cox at ...9602...>
KSL / Bonneville International





More information about the Snort-users mailing list