[Snort-users] manage logs in snort

Joel Esler (jesler) jesler at ...589...
Mon Jan 23 08:06:59 EST 2017

You'll need to restart Snort every night at 12:01 or something to have a different log every day.  There's currently no way to roll the log daily.

Sent from my iPhone

On Jan 23, 2017, at 5:04 AM, samuel desseaux <samuel.desseaux at ...17755...<mailto:samuel.desseaux at ...17755...>> wrote:


As newbie with snort, i wonder how i can manage my logs.
Since Friday, i've 4 logs files, enough big and 2 only for today, that's a bit strange.

-rw------- 1 snort snort  85M Jan 23 10:56 alert
-rw-r--r-- 1 root  root  128M Jan 20 23:08 alert.1484950122
-rw------- 1 snort snort 128M Jan 21 13:59 alert.1485003592
-rw------- 1 snort snort 128M Jan 22 04:48 alert.1485056894
-rw------- 1 snort snort 128M Jan 22 22:54 alert.1485122081
So, my questions

1) can i have one file per day?

2) can i change the name of the file (for example,"alert.1485003592" is not very clear)?

3) can i change the log level?

Thank you for your help.

Best regards

Samuel Desseaux
Network & System engineer
Mobile :+33 6 03 05 51 47
e-mail: samuel.desseaux at ...17755...<mailto:samuel.desseaux at ...17756...>

Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org<http://SlashDot.org>! http://sdm.link/slashdot
Snort-users mailing list
Snort-users at lists.sourceforge.net<mailto:Snort-users at lists.sourceforge.net>
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

Please visit http://blog.snort.org to stay current on all the latest Snort news!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20170123/91142dd2/attachment.html>

More information about the Snort-users mailing list