[Snort-users] Re: Log vs Alert

SRH-Lists giermo at ...8381...
Thu Jun 26 13:28:04 EDT 2003


> How about this?  I want to write alerts to the database but 
> nothing at all 
> in text.
> 
> output database: alert, mysql, user= password= dbname= host=
> output log_null
> 
> This will make it so I dont have to worry about that damn 
> /var/log/snort/alert file.  But this
> output database: log, mysql, user= password= dbname= host=
> output log_null
> 
> Doesnt seem to work, /var/log/snort/alert still appears and 
> gets big and 
> slows down snort.  Why does this work for output database: 
> alert but not 
> database: log?
> 

add a -A none to your commandline and bye bye /var/log/snort/alert.


-steve




More information about the Snort-users mailing list