[Snort-users] Performance Question
This is a discussion on [Snort-users] Performance Question within the Snort forums, part of the System Security and Security Related category; Hallo, i installed Snort 2.01 as SuSE 9 RPM. The programm itself logs all rule faults in /var/log/...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-20-2004
|
|||
|
|||
[Snort-users] Performance Question
Hallo,
i installed Snort 2.01 as SuSE 9 RPM. The programm itself logs all rule faults in /var/log/snort as complete snort.log + creates for all ips an extra folder inclusive the fault message as single file from the ip. My first question, is this a common option that snorts creates an extra folder for all ips ? If not, how to deactivate it. Second question, can these tons of folders/files (about 2000-5000) can effect the server performance ? I don`t think so, but one person from our data center insists on that the "snort" logging process is the problem for high loads in combination with logrotate. Thanks for your time. Regards, Martin Bündens ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
