[Snort-users] turn off some logging

Jonathan rakocy at ...4983...
Sat May 24 12:21:06 EDT 2003


I am currently running snort and would like to turn off logging to text
files on the local machine.  We have no use for this anymore as the
database setup does everything.  We log to the db and then pull the alerts
directly from there. 

In snort.conf I have the output plugin correct.  In the command line, if I
do not specify a directory to log to (-l /some/dir), snort obviously
complains about not being able to log to /var/log/snort.  The only option
I could see was the -N which gives the same fatal error. I've tried -l
/dev/null also.

Here is my current command line.
/bin/snort -d -i eth2 -c /etc/snort.conf -D

Running in IDS mode
Log directory = /var/log/snort
[!] ERROR: Can not get write access to logging directory "/var/log/snort".
(directory doesn't exist or permissions are set incorrectly
or it is not a directory at all)

Fatal Error, Quitting..

Any suggestions would be great.

Thank you,

Jonathan Rakocy

UW Madison

