[Snort-users] Rotating Snort U2 Files Hourly

Rajput, Jawad (CONTR) Jawad.Rajput at hq.doe.gov
Sun Jan 13 00:23:59 EST 2019

Hi All,

I was wondering if there is a way to rotate Snort Unified 2 files based on time instead of size? We have a project that requires shipping Snort events into Unified 2 format to a custom made third party platform on hourly basis. Using rsync will duplicate data so we cannot use rsync. 

Jawad Rajput 
System Administrator
U.S. Department of Energy 
IM-62 /Germantown Building
HQ Network Security Team
Email: Jawad.Rajput at hq.doe.gov

More information about the Snort-users mailing list