Hosting Provided By

[Snort-devel] Snort database logging while alerting to unixsock

From: Chris Toombs <ctoombs(at)securiant.com>
Date: Mon Jun 02 2003 - 15:45:57 EDT

Why does the snort command line option to alert using the Unix socket preclude the simultaneous logging to a database as configured through the conf file (constrained in parser.c, ParseOutputPlugIn)? I would like to do this, and can get both to run by changing parser.c, but I am wondering why it was coded like this to begin with? Any help would be greatly appreciated. Thanks
Chris Toombs

This SF.net email is sponsored by: Etnus, makers of TotalView, The best thread debugger on the planet. Designed with thread debugging features you've never dreamed of, try TotalView 6 free at www.etnus.com.

Snort-devel mailing list
Snort-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-devel Received on Wed Jun 4 09:37:40 2003

This message: [ Message body ]
Next message: Obermayr Thomas: "[Snort-devel] Snort 2.0 high CPU load and bad alert rate with higher traffic lo ads?"
Previous message: sunbow: "[Snort-devel] snort2.0.0 can't rebuilt fragment packets and event the originality attack!"
Next in thread: Chris Green: "Re: [Snort-devel] Snort database logging while alerting to unixsock"
Reply: Chris Green: "Re: [Snort-devel] Snort database logging while alerting to unixsock"
Reply: Erek Adams: "Re: [Snort-devel] Snort database logging while alerting to unixsock"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:08:06 EDT