[Snort-users] Snort's pid in syslog
sekure at ...11827...
Mon Sep 13 11:45:01 EDT 2004
I was wondering if this is a bug with snort or perhaps I am going a
I recently reconfigured syslogd to log all daemon messages to one location:
If I am not mistaken, before I did this, snort used to log to
/var/adm/messages and every line used to contain the process id in
square braces. Now that it's logging to /var/log/daemon.log there is
not process id. Every other process (barnyard, sshd, ntpd, etc) has
its pid in the log file, except for snort. The problem is that I am
running 3 instances of snort on one box, and as a result can't tell
which process is associated with which messages. I've restarted snort
and syslogd many times to no avail.
I am running snort 2.2.0 on RedHat 3.0. Anybody seen this?
More information about the Snort-users