snort-users May 2008 archive

[Snort-users] 2.8.1 or 2.8.2rc1: cannot configure custom output

From: Philippe Strauss <philou_at_nospam>
Date: Fri May 09 2008 - 15:33:19 GMT

Hello snort users,

Using those 2 Snort versions, I cannot figure out how to make the following types of output work:

# DEFAULT in vanilla config: works
#output alert_syslog: LOG_AUTH LOG_ALERT
# DOESN'T WORK: still logs in auth
#output alert_syslog: log_local7 log_info

# DOESN'T WORK: still logs via syslog in auth
#output alert_unified: filename snort.alert, limit 128
#output log_unified: filename snort.log, limit 128

#output unified2: filename snort.u2
#output log_unified2: filename snort.lu2
#output alert_unified: filename


output alert_csv: snort.csv msg,proto,timestamp,src,srcport,dst,dstport

output log_unified: filename

The rest of my config is like the example shipped in the tarball, except for the $HOME networks list and the rules path.

What am I missing?
TIA
--
Philippe Strauss