[Snort-users] SNORT-2.9.4 Installed properly but NOT Logging ALERTS
arunpushkar at ...11827...
Wed Feb 20 11:02:56 EST 2013
*USING snort 2.9.4, daq 2.0.0, snortrules-snapshot-2940
I have installed snort, and after installation, when I run the following:*
sudo snort -c /usr/local/snort/etc/snort.conf
Finished dumping dynamic rules.
*When I run this:*
sudo snort -c /usr/local/snort/etc/snort.conf -T -l /var/log/snort
Snort successfully validated the configuration!
*When I run:*
/usr/local/snort/bin/snort -i eth0
*I can see traffic, but when I use ' curl http://testmyids.com ' for testing
the SNORT installation, it does not give any alert in the unified2 file which is
being logged in /var/log/snort*
*The snort config file has this line for logging into the unified file:*
output unified2: filename unified.snort.alert, limit 128
*And for starting snort I am using:*
sudo snort -c /usr/local/snort/etc/snort.conf -l /var/log/snort -i eth0
*Everything seems to be right, but why is it not logging alerts?*
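
One way to check whether the unified2 file under /var/log/snort actually contains alert records, as an added example that is not part of the original post: a small reader that walks the record headers and lists the generator, signature and revision IDs of each event. It assumes the standard unified2 layout (8-byte big-endian type/length header, record type codes as in Snort's Unified2_common.h); the sample bytes and the signature ID 1000001 are constructed for illustration.

```python
import io
import struct
import sys
from collections import Counter

# Unified2 record type codes (as defined in Snort's Unified2_common.h).
EVENT_TYPES = {7: "event_v1_ipv4", 72: "event_v1_ipv6",
               104: "event_v2_ipv4", 105: "event_v2_ipv6"}
OTHER_TYPES = {2: "packet", 110: "extra_data"}

def read_records(stream):
    """Yield (type, payload) for each complete unified2 record in a binary stream."""
    while True:
        header = stream.read(8)
        if len(header) < 8:           # clean EOF or truncated header
            return
        rtype, length = struct.unpack(">II", header)
        payload = stream.read(length)
        if len(payload) < length:     # record still being written by Snort
            return
        yield rtype, payload

def summarize(stream):
    """Count records per type and collect (gid, sid, rev) for every event record."""
    counts, alerts = Counter(), []
    for rtype, payload in read_records(stream):
        name = EVENT_TYPES.get(rtype) or OTHER_TYPES.get(rtype) or f"type_{rtype}"
        counts[name] += 1
        if rtype in EVENT_TYPES and len(payload) >= 36:
            # The first nine uint32 fields are shared by all event record types:
            # sensor_id, event_id, sec, usec, sid, gid, rev, class_id, priority
            f = struct.unpack(">9I", payload[:36])
            alerts.append((f[5], f[4], f[6]))
    return counts, alerts

def constructed_sample():
    """Constructed input: one IPv4 event (gid 1, sid 1000001, rev 1) and one packet."""
    event = struct.pack(">9I", 0, 1, 1361376176, 0, 1000001, 1, 1, 0, 3) + bytes(16)
    packet = bytes(28)
    return (struct.pack(">II", 7, len(event)) + event +
            struct.pack(">II", 2, len(packet)) + packet)

if __name__ == "__main__":
    # Pass the path of a unified2 file, or run without arguments for the sample.
    src = open(sys.argv[1], "rb") if len(sys.argv) > 1 else io.BytesIO(constructed_sample())
    counts, alerts = summarize(src)
    print(dict(counts))
    for gid, sid, rev in alerts:
        print(f"alert {gid}:{sid}:{rev}")
```

A file that yields no records, or only packet records, means Snort never wrote an event, which points at rule loading or traffic inspection rather than at the output plugin line.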