No subject


Thu Nov 23 16:36:19 EST 2017


bash-2.05# grep syslog snort.conf
# alert_syslog: log alerts to syslog
# Use one or more syslog facilities as arguments
output alert_syslog: LOG_AUTH LOG_ALERT
# This example will create a rule type that will log to syslog
#   output alert_syslog: LOG_AUTH LOG_ALERT


Q2: Will 'kill -s SIGUSR1 <Snort-PID>' produce statistics on
OpenBSD?  Is this a Linux-specific thing?

bash-2.05# ps ax
  PID TT   STAT      TIME COMMAND
    1 ??  Is      0:00.01 /sbin/init
28525 ??  Is      0:00.29 syslogd
29680 ??  Is      0:00.00 portmap
23386 ??  Is      0:00.00 inetd
30898 ??  Is      0:00.01 /usr/sbin/sshd
16670 ??  Ss      0:00.53 cron
10538 ??  Ss      0:45.06 /usr/local/bin/snort -d -s -c /etc/snort/snort.conf -A full -D
15207 ??  S       0:00.12 sshd: ken at ...5630... (sshd)
10684 p0  Is      0:00.01 -bash (bash)
30697 p0  S       0:00.02 -bash (bash)
14776 p0  R+      0:00.00 ps -ax
  473 C0  Is+     0:00.00 /usr/libexec/getty Pc ttyC0
10147 C1  Is+     0:00.00 /usr/libexec/getty Pc ttyC1
 7790 C2  Is+     0:00.00 /usr/libexec/getty Pc ttyC2
14525 C3  Is+     0:00.00 /usr/libexec/getty Pc ttyC3
29643 C5  Is+     0:00.00 /usr/libexec/getty Pc ttyC5
bash-2.05# kill -s SIGUSR1 10538
bash-2.05#

If these are easy ones, then I guess this round's on me.  :)
If nothing else, at least I got to introduce myself.
-- 
-Ken Schweigert, Aspiring Network Administrator
Byte Productions, LLC
http://www.byte-productions.com




More information about the Snort-users mailing list