[Snort-users] Snort-Swatch

Keaton, Lindamaria LKeaton at ...10093...
Mon Sep 29 16:38:13 EDT 2003

Ok, I've been looking at the alert.conf file majority of the day. I took
a care of the memory error I was getting now I'm getting this error.

# logsurfer -c /usr/local/etc/alert.conf

open without context in rule: '\[Classification: (.*)\] \[Priority: 1\]'
- - - 0 open
config error arround line 8: '\[Classification: (.*)\] \[Priority: 1\]'
- - - 0 open

Any ideas?

-----Original Message-----
From: Edin Dizdarevic [mailto:edin.dizdarevic at ...7509...] 
Sent: Saturday, September 27, 2003 1:55 AM
To: Keaton, Lindamaria
Cc: jon baer; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Snort-Swatch


Keaton, Lindamaria wrote:

> Do you have a start-up script for this?
> logsurfer -c /etc/logsurfer/alert.conf \
>            -d /etc/logsurfer/alert.dump \
>            -p /var/run/logsurfer_alert.pid \
>            -f /var/log/snort/alert

yes if you promise me to read this:



It is quite big since it's starting several logsurfer instances - for
every essential service one. Are you sure you wanna have it? How are
your shell programming skills?


> -----Original Message-----
> From: Edin Dizdarevic [mailto:edin.dizdarevic at ...7509...]

Edin Dizdarevic

This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list