snort log location

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

snort log location

NoSukker
Does anyone know where the log location for snort is located?I would like to write a script that will email the last days logs or the last week.  This way I can run analytics on the data remotely. I checked where snort usually places logs and they are not there.
Reply | Threaded
Open this post in threaded view
|

Re: snort log location

Hans
Administrator
For bridge mode it is /tmp/snort/alert.fast

Using Shield Pro v1, Chaos Calmer, FW 1.51 SP1, Bridge Mode

2nd Shield as Sandbox, Chaos Calmer, FW 1.51 SP1 + hotfixes
Reply | Threaded
Open this post in threaded view
|

Re: snort log location

NoSukker
Thank you Hans. I found it in same place but different file name in router mode, /tmp/snort/alert.