[Snort-users] Snort Alert File and Summary Statistics

Real Cucumber monkcucumber at ...131...
Wed Jul 7 10:00:05 EDT 2004


Using Fedora Core 2 with snort-2.1.3-1.1, I am not
able to get it to produce any data in the "alert" file
using the following command:

snort -A full -D -l /var/log/snort/dir

It does capture all the traffic though, just doesn't
create any alerts.

I've also tried using the -c snort.conf rules thing
(using latest set of snort rules) - but that doesn't
do it either.

Reason I need the alert file is so I can do summary
analysis on the traffic using snortalog or snortsnarf
- they don't work without the alert file!

Does anyone know of a data analysis tool that will
work on the snort traffic data/directories instead of
the alert file?  Or how to fix my alert file problem?

