[Snort-users] Snort Alert File and Summary Statistics
monkcucumber at ...131...
Wed Jul 7 10:00:05 EDT 2004
Using Fedora Core 2 with snort-2.1.3-1.1, I am not
able to get it to produce any data in the "alert" file
using the following command:
snort -A full -D -l /var/log/snort/dir
It does capture all the traffic though, just doesn't
create any alerts.
I've also tried using the -c snort.conf rules thing
(using latest set of snort rules) - but that doesn't
do it either.
Reason I need the alert file is so I can do summary
analysis on the traffic using snortalog or snortsnarf
- they don't work without the alert file!
Does anyone know of a data analysis tool that will
work on the snort traffic data/directories instead of
the alert file? Or how to fix my alert file problem?