[Snort-users] Where does snort write it's errors to.?

Mark Sargent powderkeg at ...11462...
Sat Apr 9 00:08:27 EDT 2005


Alex Kirk wrote:

> Mark,
>
> How did you install Snort? I recently installed it from RPM on Fedora 
> Core 3, and it was definitely logging messages to /var/log/messages.
>
> Also, what user are you running Snort as? If that user doesn't have 
> write permissions on /var/log/messages, that could be an issue. That's 
> especially true if you're starting it from a non-root account like 
> "mark" and then suid'ing to, say, the user "snort" -- if you start 
> Snort from a root shell and have it suid over, you might at least get 
> error messages written out before it suid's.
>
> Alex Kirk
> Research Analyst
> Sourcefire, Inc.
>
>> Hi All,
>>
>> when snort gives errors at startup during boot it doesn't write to 
>> either /var/log/boot.log or /var/log/messages. Where can I find the 
>> error messages.? I'm using Fedora3. Cheers.
>>
>> Mark Sargent.
>>
>>
>> -------------------------------------------------------
>> This SF.net email is sponsored by Demarc:
>> A global provider of Threat Management Solutions.
>> Download our HomeAdmin security software for free today!
>> http://www.demarc.com/info/Sentarus/hamr30
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by Demarc:
> A global provider of Threat Management Solutions.
> Download our HomeAdmin security software for free today!
> http://www.demarc.com/info/Sentarus/hamr30
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
Hi All,

Alex, I am running snort at boot, as root. I installed snort from source 
and it fails at boot but nothing is written to either /var/log/messages 
or boot.log. Any way I can get those error messages written to file..? 
Cheers.

Mark Sargent.




More information about the Snort-users mailing list