[Snort-users] Alert file

waldo kitty wkitty42 at ...14940...
Wed Mar 20 13:38:17 EDT 2013


On 3/20/2013 01:57, Mohammad MontazerI wrote:
> Hello dear all.
> i enabled Network Intrusion Detection System (NIDS) mode and i recorded my
> network packets.
> this command: ./snort -d -l ./log -c snort.conf
> now in log directory there are two files:
> on of them log all packets and another one name is alert.
> i think this file should contain warning, attacks and ... against my network.
> but after about 7 hours the file still empty!!!
> this is good. but i want test snort. so how can write data in alert file?
> what i can do?

you have to cause an alert for the alert file to have anything written in it...

pick a rule and create traffic that will cause it to fire...






More information about the Snort-users mailing list