[Snort-users] disable /var/log/snort logging
bamm at ...539...
Thu May 8 06:12:09 EDT 2003
Attach the database plugin to the 'alert' facility vice the 'log' facility when using -N.
output database: alert, postgresql, user=snort dbname=snort
output database: log, postgresql, user=snort dbname=snort
On Wed, May 07, 2003 at 04:48:13PM -0700, Nick White wrote:
> You're right, the -N option turns off packet logging. Sure it doesn't
> write to the disk, but it turns off packet logging within mysql as well
> - not cool. Surely there is a way to have snort log everything to mysql
> (even packet logging), without dumping data to the hard drive. I just
> can't figure out how. I'm starting snort with -b (binary logging)
> option, which takes care of it crashing after a few minutes under a
> really heavy load. Even still, logging to the disk is a total waste
> because I'll never do anything with the binary logs.
More information about the Snort-users