[Snort-users] Snort alert file missing?

Joel Esler jesler at ...1935...
Thu Mar 28 11:52:07 EDT 2013


On Mar 28, 2013, at 11:07 AM, Nicholas Bogart <nickybzoss at ...11827...> wrote:

> Snort Version 2.8.5.2

Current version is 2.9.4.1, you should update.

>  
> I have walked into an office where we are using snort connected to a mysql database. There doesn't seem to be an alert file. If we have set up a database connection, will it no longer also store stuff in the alert file, or is there a setting I am missing?

If your output method is DB, then your output method is not set to log to disk.

Keep in mind, while you are upgrading, that direct-to-db output has been removed from newer versions of Snort (started in 2.9.3.0), so you need to use barnyard2 to insert into the DB.

--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire
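
An added example (not part of the reply above, and not code from the Snort project): a small shell check that reads a snort.conf and reports whether alerts go to a text alert file, only to the database, or to a unified2 spool that barnyard2 can load into the DB. The function names and both sample configs are constructed for illustration, and only `output` lines in the config file are considered, not command-line options.

```shell
#!/bin/sh
# List the output plugins enabled in a snort.conf
# (uncommented "output <plugin>" lines only).
snort_outputs() {
    sed -n 's/^[[:space:]]*output[[:space:]]\{1,\}\([A-Za-z0-9_]\{1,\}\).*/\1/p' "$1" | sort -u
}

# True if plugin $2 appears in the newline-separated list $1.
has_output() { printf '%s\n' "$1" | grep -qx "$2"; }

# Summarise where alerts end up, first match wins:
#   alert-file  alert_fast/alert_full configured: a text alert file is written
#   unified2    binary spool on disk, for barnyard2 to insert into the DB
#   db-only     only the database plugin: nothing is logged to an alert file
#   none        no recognised output directive in this file
audit_snort_outputs() {
    outs=$(snort_outputs "$1")
    if has_output "$outs" alert_fast || has_output "$outs" alert_full; then
        echo alert-file
    elif has_output "$outs" unified2; then
        echo unified2
    elif has_output "$outs" database; then
        echo db-only
    else
        echo none
    fi
}

# Constructed sample configs (not from the thread); credentials are placeholders.
demo_dir=$(mktemp -d)
cat > "$demo_dir/old.conf" <<'EOF'
# Pre-2.9.3.0 style: direct-to-DB output only
output database: log, mysql, user=snort password=CHANGEME dbname=snort host=localhost
# output alert_fast: alert
EOF
cat > "$demo_dir/new.conf" <<'EOF'
# 2.9.3.0 and later: spool to disk, barnyard2 inserts into the DB
output unified2: filename snort.u2, limit 128
EOF

for f in "$demo_dir"/*.conf; do
    printf '%s: %s\n' "${f##*/}" "$(audit_snort_outputs "$f")"
done
```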