[Snort-users] Snort IDS doesn't log the alerts in the path /var/log/snort

Al Lewis (allewi) allewi at cisco.com
Tue May 15 11:59:31 EDT 2018


Hello,

You can set the logging with the -l (lowercase letter L) or set it within your config file.

http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node21.html




Albert Lewis
ENGINEER.SOFTWARE ENGINEERING
Cisco Systems Inc.
Email: allewi at cisco.com<mailto:allewi at cisco.com>

From: Snort-users <snort-users-bounces at lists.snort.org> on behalf of 2014/2015 - Nsabimana Thierry <thierry.nsabimana at aims-cameroon.org>
Date: Tuesday, May 15, 2018 at 11:17 AM
To: "snort-users at lists.snort.org" <snort-users at lists.snort.org>
Subject: [Snort-users] Snort IDS doesn't log the alerts in the path /var/log/snort

Hello everyone,
I passed DARPA dataset into snort IDS to generate the alerts in the
path /var/log/snort but it doesn't log the alerts. I just see the received
and analyzed packets. I don't see how to solve such problem.
To run it on snort, I used the following command
sudo snort -r datasetName.pcap -c snort.conf
Could you please help me to solve this problem.


--
[https://docs.google.com/uc?export=download&id=0B8jpipaJicbYWlVIQmdVYVBvTGc&revid=0B8jpipaJicbYNUpwTmhSaVVPdXZheVVjQnVKc3RlTVdpSk00PQ]
PhD Student In Computer Science
University of Abomey Calavi, IMSP
Email: thierry.nsabimana at aims-cameroon.org<mailto:thierry.nsabimana at aims-cameroon.org>
Email: thierry.nsabimana at imsp-uac.org<mailto:thierry.nsabimana at aims-cameroon.org>
Tel: +229 61 403 104
AIMS-CAMEROON ALUMNI


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20180515/bbd293aa/attachment.html>


More information about the Snort-users mailing list