[Snort-users] SNORT Installed properly But not Logging alerts

ARUN PUSHKAR arunpushkar at ...11827...
Wed Feb 20 10:55:01 EST 2013

*I have installed snort and after installation when I run the following:*

sudo snort -c /usr/local/snort/etc/snort.conf

*I get:*

Finished dumping dynamic rules.

Snort exiting

*When I run this:*

sudo snort -c /usr/local/snort/etc/snort.conf -T -l /var/log/snort

*I get:*

Snort successfully validated the configuration!

Snort exiting

*When I run:*

/usr/local/snort/bin/snort -i eth0

*I can see traffic, but when I use 'curl http://testmyids.com' for testing
the SNORT installation it does not give any alert in the unified2 file which is
being logged in /var/log/snort*

*The snort config file has this line for logging into the unified file:*

output unified2: filename unified.snort.alert, limit 128

*And for starting snort I am using:*

sudo snort -c /usr/local/snort/etc/snort.conf -l /var/log/snort -i eth0

*Everything seems to be right, but why is it not logging alerts?*

Arun Pushkar