[Snort-users] logto 3.0
kahleong_fong at yahoo.com.sg
Tue Oct 17 03:21:21 EDT 2017
It has been a while since 2004 that I touched snort! I remembered the logto option to capture pkts used to work. In the 3.0 release, I just cannot seem to get it to capture the pkts to the file.
alert icmp any any -> any any (logto:/var/snort/log/logto_log; sid:400000001; rev:1;)
I am able to see the alerts; however, there are no pkts in the logto_log file.