[Snort-users] Snort Logs
Demetri Mouratis
dmourati at ...3877...
Wed Sep 17 11:32:21 EDT 2003
On Wed, 17 Sep 2003, Keaton, Lindamaria wrote:
> Hello,
>
> I'm running snort 2.0 on Linux 9.0. Does anyone know how to rotate
> /var/log/snort/alert when it reaches certain size?
>
You could use logrotate with the size option for this.
"/var/log/snort/alert" {
rotate 30
size=100k
postrotate
kill -HUP `pidof /usr/local/bin/snort`
endscript
}
And upgrade to snort 2.0.1 while you are at it.
---------------------------------------------------------------------
Demetri Mouratis
dmourati at ...3878...
More information about the Snort-users
mailing list