Re: [Snort-users] Logging Options w/o MySQL

This is a multipart message in MIME format.
--=_alternative 003FEF5E85256E7B_=
Content-Type: text/plain; charset="US-ASCII"

Two steps:

1. In the snort.conf file, comment out the 'output database: ...
mysql...' line
2. Make sure that snort starts with the '-N' option

Todd Pratt
Systems Security Certified Practitioner
IT Security Administrator
Harte Hanks, Inc.
ph 978-436-3368
tpratt@hartehanks.com



"Kim Wall" <kwall@the4walls.net>
Sent by: snort-users-admin@lists.sourceforge.net
04/18/2004 07:48 PM
Please respond to
<kwall@the4walls.net>


To
<snort-users@lists.sourceforge.net>
cc

Subject
[Snort-users] Logging Options w/o MySQL






Perhaps I have simply overlooked it, but is there a way to get Snort to
simply log to the alert file without logging to an SQL database and
without creating directories for each subnet? I would like the text-based
log file rather than the tcpdump format.

Thanks,

Kim

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.658 / Virus Database: 421 - Release Date: 4/9/2004

--=_alternative 003FEF5E85256E7B_=
Content-Type: text/html; charset="US-ASCII"


<br><font size=2 face="sans-serif">Two steps:</font>
<br>
<br><font size=2 face="sans-serif">&nbsp; &nbsp; &nbsp; &nbsp; 1.
In the snort.conf file, comment out the 'output database: ... mysql...'
line</font>
<br><font size=2 face="sans-serif">&nbsp; &nbsp; &nbsp; &nbsp; 2.
Make sure that snort starts with the '-N' option</font>
<br><font size=2 face="sans-serif"><br>
Todd Pratt<br>
Systems Security Certified Practitioner<br>
IT Security Administrator<br>
Harte Hanks, Inc.<br>
ph 978-436-3368<br>
tpratt@hartehanks.com</font>
<br>
<br>
<br>
<table width=100%>
<tr valign=top>
<td width=40%><font size=1 face="sans-serif"><b>&quot;Kim Wall&quot; &lt;kwall@the4walls.net&gt;</b>
</font>
<br><font size=1 face="sans-serif">Sent by: snort-users-admin@lists.sourceforge.net</font>
<p><font size=1 face="sans-serif">04/18/2004 07:48 PM</font>
<table border>
<tr valign=top>
<td bgcolor=white>
<div align=center><font size=1 face="sans-serif">Please respond to<br>
&lt;kwall@the4walls.net&gt;</font></div></table>
<br>
<td width=59%>
<table width=100%>
<tr>
<td>
<div align=right><font size=1 face="sans-serif">To</font></div>
<td valign=top><font size=1 face="sans-serif">&lt;snort-users@lists.sourceforge.net&gt;</font>
<tr>
<td>
<div align=right><font size=1 face="sans-serif">cc</font></div>
<td valign=top>
<tr>
<td>
<div align=right><font size=1 face="sans-serif">Subject</font></div>
<td valign=top><font size=1 face="sans-serif">[Snort-users] Logging Options
w/o MySQL</font></table>
<br>
<table>
<tr valign=top>
<td>
<td></table>
<br></table>
<br>
<br>
<br><font size=2 face="Arial">Perhaps I have simply overlooked it, but
is there a way to get Snort to simply log to the alert file without logging
to an SQL database and without creating directories for each subnet? I
would like the text-based log file rather than the tcpdump format.</font>
<br><font size=3>&nbsp;</font>
<br><font size=2 face="Arial">Thanks,</font>
<br><font size=3>&nbsp;</font>
<br><font size=2 face="Arial">Kim </font>
<br>
<p><font size=2>---<br>
Outgoing mail is certified Virus Free.<br>
Checked by AVG anti-virus system (http://www.grisoft.com).<br>
Version: 6.0.658 / Virus Database: 421 - Release Date: 4/9/2004</font>
<p>
--=_alternative 003FEF5E85256E7B_=--


-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/...fo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.p...st=snort-users