[Snort-users] Help with alert_unixsock issues
james at ...13655...
Thu Dec 1 06:30:02 EST 2005
I am experimenting with the alert_unixsock function.
I have had a read of the code and it suggests to me that a socket called
snort_alert should be created in the log directory (/var/log/snort).
The socket seems not to be automatically created and I see the error:
/var/log/snort/snort_alert file doesn't exist or isn't writeable!
when I start Snort.
Can anyone shed any light on this? I would have thought the socket
would have been created automatically? Is there syntax for the output
plug-in that I am missing?
Thanks in advance
James Turnbull <james at ...13655...>
Author of Hardening Linux from Apress
PGP Key (http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x0C42DF40)
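
Added example, not part of the original post and not code from the Snort project: with alert_unixsock, Snort is the sending side and does not create the socket, so the error quoted above appears whenever no listener has bound /var/log/snort/snort_alert before Snort starts. The sketch below is such a listener; the function names are hypothetical, and the assumption that each datagram begins with a NUL-terminated message string is labelled in the code.

```python
import os
import socket
import stat

ALERT_SOCKET = "/var/log/snort/snort_alert"  # path from the post


def sender_precheck(path):
    """Same precondition as the error in the post: path exists and is writable."""
    return os.access(path, os.W_OK)


def open_alert_listener(path):
    """Bind the datagram socket that the alert sender expects to find."""
    try:
        if not stat.S_ISSOCK(os.lstat(path).st_mode):
            raise RuntimeError(f"{path} exists and is not a socket; refusing to remove it")
        os.unlink(path)  # stale socket left by an earlier listener
    except FileNotFoundError:
        pass
    sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    old_umask = os.umask(0o077)  # owner-only socket; run as the same user as the sender
    try:
        sock.bind(path)
    except OSError:
        sock.close()
        raise
    finally:
        os.umask(old_umask)
    return sock


def recv_alert(sock, timeout=None, bufsize=65535):
    """Return (text, raw) for one datagram.

    Assumption: the datagram begins with a NUL-terminated message string.
    The rest of the layout depends on the Snort version, so it is returned raw.
    """
    sock.settimeout(timeout)
    raw = sock.recv(bufsize)
    return raw.split(b"\x00", 1)[0].decode("utf-8", "replace"), raw


if __name__ == "__main__":
    listener = open_alert_listener(ALERT_SOCKET)  # start this before Snort
    try:
        while True:
            text, raw = recv_alert(listener)
            print(f"{len(raw)} bytes: {text}")
    finally:
        listener.close()
        os.unlink(ALERT_SOCKET)
```

Start the listener first, then Snort; the socket is created owner-only, so both processes need to run as the same user (or Snort as root).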