[Snort-users] Help with alert_unixsock issues

James Turnbull james at ...13655...
Thu Dec 1 06:30:02 EST 2005


Hi

I am experimenting with the alert_unixsock function.

I have had a read of the code and it suggests to me that a socket called 
snort_alert should be created in the log directory (/var/log/snort).

The socket seems not to be automatically created and I see the error:

/var/log/snort/snort_alert file doesn't exist or isn't writeable!

when I start Snort.

Can anyone shed any light on this?  I would have thought the socket 
would have been created automatically?  Is there syntax for the output 
plug-in that I am missing?

Thanks in advance

James Turnbull

-- 
James Turnbull <james at ...13655...>
---
Author of Hardening Linux from Apress
(http://www.amazon.com/exec/obidos/tg/detail/-/1590594444/)
---
PGP Key (http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x0C42DF40)




