In light (or dark rather), of the nimda scans that are pounding my snort box. I was curious if there was anyway to, on the command line, log specific rules to a specific log file? ie: snort -c snort.conf -i eth0 -l /var/log/snort -<customlog> /var/log/snort/friggeniisattacks.log.
You get my point, I know you can send it to syslog and parse it from there, but i'd rather just make it log to a custom log file. If there isn't away how many of you would be interested in a script that does? I might just write one ;p.
Thanks!
w1re

________________________________________________________
The Best News Source On The Web - http://www.disinfo.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]