[Snort-users] Barnyard2 configuration and event generation
wkitty42 at ...14940...
Wed Dec 19 20:41:27 EST 2012
On 12/19/2012 15:05, Steve Marotta wrote:
> Ah, excellent. So what I'm interested in are the alerts. I looked in /var/log/snort as well as the directory I specified as my logfile directory, and I didn't see any recent alert files. Did I inadvertently disable them in my conf file, or is there another place I should be looking?
there is only one alert file that i'm aware of... it is not serialized like the
pcaps and u2 files... at least not that i've ever seen in the years i've been
as for disabling it, that's something i haven't yet found out... in our
installs, it seems to be a default enabled file...
More information about the Snort-users