[Snort-users] 0 byte unifed log output
jlay at ...13475...
Wed Apr 24 12:44:11 EDT 2013
On 2013-04-24 09:52, John Ainsworth wrote:
> Im pulling my hair out on this problem
> I have installed Snort on Ubunutu 12.04 , 2 nics eth0 used for
> management eth1 is receiving traffic that is coming into our firewall
> via SPAN on the switch
0 byte u2 files mean no alerts happened. Have you set something like:
output alert_fast: snortalert.fast
in your snort.conf to verify that you're getting alerts at all?
More information about the Snort-users