Re: [Snort-users] Daily mail notification don't work anymore
Frank Knobbe wrote:

> On Tue, 2004-12-28 at 08:40 +0100, Sam Przyswa wrote:
>
>> The only way to log in ASCII format in /var/log/snort/alert log file for
>> me is to add the "-A full" option into the snort.common.parameters, but
>> then IT STOPS LOGGING IN MySQL!
>
> That is not correct. Do not add -A as it will disable all outputs
> configured in snort.conf.
>
> Instead, add the following to snort.conf:
>
> output alert_full: alert.ids (for full, multi-line output into
> alert.ids)
>
> output log_ascii: (for full packet details in /var/log/snort/<ip>)

OK, that works now, thanks!

Sam.
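
A pre-flight check for the conflict described in the reply above, as an added example that is not part of the original thread: it reports when -A appears in the Snort parameters file while snort.conf has active output directives. The function names, the sample file contents and the database output line are constructed for illustration.

```shell
#!/bin/sh
# Added example: flags -A on the Snort command line when snort.conf also
# configures output plugins (per the reply, -A disables those outputs).

# list_outputs CONF: print the plugin name of each uncommented "output" line.
list_outputs() {
    sed -n 's/^[[:space:]]*output[[:space:]][[:space:]]*\([A-Za-z0-9_]*\).*/\1/p' "$1"
}

# has_dash_A PARAMS: succeed if the parameters file passes -A (or -Amode).
has_dash_A() {
    # Drop comments, put one word per line, look for a token starting with -A.
    sed 's/#.*//' "$1" | tr -s '[:space:]' '\n' | grep -q -e '^-A'
}

# audit PARAMS CONF: return 1 when -A would override configured outputs.
audit() {
    outputs=$(list_outputs "$2" | tr '\n' ' ')
    if has_dash_A "$1" && [ -n "$outputs" ]; then
        echo "CONFLICT: -A in $1 overrides snort.conf outputs: $outputs"
        return 1
    fi
    echo "OK: outputs in effect: ${outputs:-none configured}"
    return 0
}

# Constructed sample files (not from the thread) to exercise the check.
demo_dir=$(mktemp -d)
printf '%s\n' '-m 027 -D -d -A full' > "$demo_dir/bad.parameters"
printf '%s\n' '-m 027 -D -d' > "$demo_dir/good.parameters"
cat > "$demo_dir/snort.conf" <<'EOF'
# output alert_syslog: LOG_AUTH LOG_ALERT
output database: log, mysql, user=snort password=CHANGEME dbname=snort host=localhost
output alert_full: alert.ids
EOF

audit "$demo_dir/bad.parameters" "$demo_dir/snort.conf" || true
audit "$demo_dir/good.parameters" "$demo_dir/snort.conf"
rm -rf "$demo_dir"
```

Pass the real parameters file and snort.conf as the two arguments to `audit`; a non-zero exit status means the database and file outputs would be silently dropped.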