[Snort-users] Snort PID in /var/log/messages

Basselgia, Barry A Mr (NAF Atsugi) BABasselgia at ...12104...
Tue Feb 1 18:39:05 EST 2005


Edin Dizdarevic wrote on Tuesday, February 01, 2005 9:47 PM:
> I still do not _really_ understand what you are trying to achieve. :[
> ....
> -- 
> Edin Dizdarevic

What I'm talking about is anything that snort sends to syslog:
Initialization messages, Performance Stats, Errors, Alerts, ... Here is a
sample:

Feb  2 11:17:14 snort snort: [1:399:6] ICMP Destination Unreachable Host Unreachable .....
Feb  2 11:17:15 snort barnyard[9767]: Exiting
Feb  2 11:17:15 snort barnyard[8881]: Exiting
Feb  2 11:17:16 snort barnyard[7066]: Initializing daemon mode
Feb  2 11:17:16 snort barnyard[7078]: Opened spool file '/var/log/snort/snort.log.1107285310'
Feb  2 11:17:16 snort barnyard[7078]: Waiting for new data
Feb  2 11:17:21 snort snort:   Snort Realtime Performance  : Wed Feb  2 11:17:21 2005 ----------
Feb  2 11:17:21 snort snort: Pkts Recv:   241089
Feb  2 11:17:21 snort snort: Pkts Drop:   0
Feb  2 11:17:21 snort snort: % Dropped:   0.00%
Feb  2 11:17:21 snort snort: KPkts/Sec:   0.80
Feb  2 11:17:21 snort snort: Bytes/Pkt:   862
Feb  2 11:17:21 snort snort: Mbits/Sec:   5.24 (wire)
Feb  2 11:17:21 snort snort: Mbits/Sec:   0.27 (rebuilt)
Feb  2 11:17:21 snort snort: Mbits/Sec:   5.51 (total)
Feb  2 11:17:21 snort snort: PatMatch:    95.23%
Feb  2 11:17:21 snort snort: CPU Usage:   20.88% (user)  0.71% (sys)  78.41% (idle)
Feb  2 11:17:25 snort barnyard[7280]: Initializing daemon mode
Feb  2 11:17:25 snort barnyard[7286]: Opened spool file '/var/log/snort/snort-bond0.log.1107285310'
Feb  2 11:17:26 snort snort: [1:1437:6] MULTIMEDIA Windows Media download ......
Feb  2 11:17:26 snort barnyard[7286]: Waiting for new data
