[Snort-users] HOW DOES ONE STOP an alert file from being Produced?

Martin Roesch roesch at ...1935...
Wed Mar 8 21:28:01 EST 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

To turn off alerting, use "-A none" at the command line.  To turn off  
logging, you can use -N at the command line or add a "output  
log_null" in the snort.conf file.

      -Marty

On Mar 7, 2006, at 4:18 PM, Jacob, Raymond A Jr wrote:

> I know this is an old question. However, I could not find the answer.
> I am sending alerts a mysql database so I don't need the alert file.
> What has been done in the past, was to periodically delete the  
> alertfile.
> I thought there was a switch or a config statement I could use.
> I tried config alertfile: /dev/null. Stopped snort. Restarted snort.
> The alertfile is still generated.
>
> Thank you,
> Raymond
>

- - --
Martin Roesch - Founder/CTO, Sourcefire Inc. - +1-410-290-1616
Sourcefire - Security for the Real World - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org




- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)

iD8DBQFED7yVqj0FAQQ3KOARAtduAJ9cMl7g14lLEGdT9yWyW8QCxpiUFgCeLMWw
lAdWhOhggCUzzwdHChwNXC0=
=bhnW
- -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)

iD8DBQFED7yuqj0FAQQ3KOARAqbcAJkBx1DDa/36+IDshM/ZxjSfcs7//QCeM+vb
S8L1a2kGlthBY5Uhxf3Wvu0=
=0L1k
-----END PGP SIGNATURE-----




More information about the Snort-users mailing list