[Snort-users] snort log formats: .log v.s .u2

Marcin Dulak marcin.dulak at ...11827...
Sun Feb 19 04:11:19 EST 2017


Snort log output depends on what's in snort.conf and the command line
switches like -y, -N.
It takes some experimentation to figure out how they interact.

Marcin

On Sun, Feb 19, 2017 at 8:09 AM, Paul Li <paul at ...17768...> wrote:

> I've experiencing inconsistent behavior of Snort generating log. (Using
> Snort 2.9.9 on Ubuntu 14.04.)
>
> After a fresh installation, the file format is .u2, but the log files
> become .log for some reason.  One thing is consistent is that if Snort
> generates .log files, it will never generate .u2 file.  I want .u2 files:
> sometimes deleting .barnyard2.waldo file help, sometimes need reinstall
> Snort.
>
> Kind of feeling it's related to permission. But really not sure. Wondering
> where I could find some good document about Snort generating logs.
>
> Thanks,
> Paul
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20170219/e23d3150/attachment.html>


More information about the Snort-users mailing list