Re: Why no log output from snort?

To: debian-firewall@lists.debian.org, jps@westnet.com.au
Subject: Re: Why no log output from snort?
From: "Charles Grellois" <charles@maxg.info>
Date: Sat, 12 Jun 2004 15:21:43 +0200
Message-id: <[🔎] MaxgMailMID-F200406121521.AA21430023@maxg.info>

James Sinnamon wrote:
> Dear Debian firewallers,
> 
> (Apologies if this is not the right place to ask)
> 
> I am running snort:
> 
> greenhouse:/etc/snort# ps axww | grep snort
>  1723 ?        Ss     0:01 /usr/sbin/snort -m 027 -D -c
/etc/snort/snort.conf 
> -l /var/log/snort -d -u snort -g snort -O -S HOME_NET=[192.168.0.0/24] -i 
> eth0,
> 
> .... but the log files are empty:
> 
> greenhouse:/etc/snort# ls -l /var/log/snort/
> total 0
> -rw-r-----    1 snort    adm             0 2004-06-12 15:50 alert
> -rw-r-----    1 root     adm             0 2004-06-12 16:53 
> snort.log.1087023225
> 
> Can anyone spot the problem? 
> 
> TIA 
> 
> James Sinnamon

I had the same problem because Snort didn't recognize my rules 
directory. I fixed it by using snort -C /path/to/rules & . It's working now.

I hope it'll help you,

Charles Grellois

Reply to:

Follow-Ups:
- Re: Why no log output from snort?
  - From: James Sinnamon <jps@westnet.com.au>

Prev by Date: Why no log output from snort?
Next by Date: Re: Why no log output from snort?
Previous by thread: Why no log output from snort?
Next by thread: Re: Why no log output from snort?
Index(es):
- Date
- Thread