[Snort-users] How to stop snort to log startup messages into syslog?

Gerhard Mourani GMourani at ...16783...
Tue Apr 15 13:29:13 EDT 2014


Thanks, I’ll be interested to know about it too.


On Apr 15, 2014, at 1:22 PM, Jeremy Hoel <jthoel at ...11827...> wrote:

But that option is just for its alerting output, right? Not the startup/shutdown messages (of which there are more than a few).  I commented out the output line (output alert_syslog: LOG_LOCAL6 LOG_ALERT) in my snort.conf and I still see the startup/shutdown messages.

For the OP - Security Onion does this (negates the messages in syslog) and it does it by starting snort differently. I'm trying to find the thread that talked about it.


On Tue, Apr 15, 2014 at 5:02 PM, Nicholas Mavis (nmavis) <nmavis at ...589...> wrote:
You can turn off syslogging in your Snort.conf file. I would recommend
reading through the following:

http://manual.snort.org/node21.html

-Nick


On 4/15/14, 11:55 AM, "Gerhard Mourani" <GMourani at ...16783...> wrote:

>Hello list,
>
>I don't know if there is a way to start the Snort process without having
>its startup messages being logged into syslog -> /var/log/messages?
>I've tried to start it with the following parameters without success;
>it still logs startup messages into the /var/log/messages file.
>
>snort -c /etc/snort/snort.conf -D -g snort -q -N --daq afpacket --daq-var
>buffer_size=512MB -i eth1
>
>Regards,
>_______________________________________________
>Snort-users mailing list
>Snort-users at lists.sourceforge.net
>Go to this URL to change user options or unsubscribe:
>https://lists.sourceforge.net/lists/listinfo/snort-users
>Snort-users list archive:
>http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
>Please visit http://blog.snort.org to stay current on all the latest
>Snort news!

