[Snort-users] config file

wkitty42 at ...14940... wkitty42 at ...14940...
Mon Apr 25 10:40:55 EDT 2016


On 04/25/2016 06:20 AM, Chris Sandford wrote:
> ERROR: log_tcpdump: Failed to open log file "c:\snort\log/c:\snort\log.1461579119
>
> 9": Invalid argument
>
> Fatal Error, Quitting..
>
> I update my config file to point to c:\snort\log but I do not understand why it
> is looking for a log.1461579119?
>
> There is no file in that folder named as such so I can understand why it’s failing.
>
> Using on Windows

every time snort is started, it creates a new log file... *by default*, those 
log files have the name format of

   /some/directory/in/the/tree/snort.xxxxxxxxxx

the xxxxxxxxxx represent the numbers snort adds to the file name... these 
numbers are the decimal value of the unix time stamp of the file's creation...

it appears that you have told snort to use a directory to store the files in but 
you have not told it the filename to use...

what is your command line to start snort?

what does Section #6 (at least) of your snort.conf contain?

-- 
  NOTE: No off-list assistance is given without prior approval.
        *Please keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.




More information about the Snort-users mailing list