Snort log

Hello, I have a problem with snort. Version 2.9.7.0 GRE (Build 149). And I use 5.3.0-1parrot1-amd64.
The problem with snort is that it is not able to recognize /var/log/snort/snort.log. At first, it said it was not able to log. Then I wrote this line in the file ‘snort.conf’. Here is /etc/snort/snort.conf:


Configure default log directory for snort to log to. For more information see snort -h command line options (-l)

config logdir: (I wrote this line : )

/var/log/snort/
(I also tried /var/log/snort/snort.log)


Here is its message when I run it:
‘FATAL ERROR: /etc/snort/snort.conf(197) Invalid configuration line: /var/log/snort/’
I also tried with the option on the command line: snort -l
The file /var/log/snort/snort.log exists. But it does not use it.
In the manual (2.9.13, Feb 2019) and on the site snort.org, I found nothing.
With dpkg-reconfigure snort, I have added the option /var/log/snort/snort.log
But with no result.
Thank you very much for your answer. Regards.
Bruno Joubier.

For the log line ensure it says

config logdir: /var/log/snort

For the log directory, make sure it is all on the same line, as shown above. Here are some sample snort.conf files if you need more references.
https://www.snort.org/configurations

Let me know if this works for you or if you need any more help.
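
The layout in the question, with `config logdir:` on one line and the path on a later line, is what Snort rejects as an invalid configuration line. As an added example that is not part of the original posts, this shell function (`check_logdir` is a hypothetical name) flags a `config logdir:` line with no value, a path stranded on its own line, and a logdir value that is not an existing directory; the sample file is constructed.

```shell
#!/bin/sh
# Added example. check_logdir is a hypothetical helper, not part of Snort.
# Returns 0 if every active "config logdir:" line names an existing directory.
check_logdir() {
    conf=$1
    report=$(awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }      # comments and blank lines
        pending && /^[ \t]*\// {               # path stranded on its own line
            print "ERR", NR, "bare path; join it to the logdir on line " pending
        }
        { pending = 0 }
        /^[ \t]*config[ \t]+logdir[ \t]*:/ {
            val = $0
            sub(/^[^:]*:[ \t]*/, "", val)      # keep what follows the colon
            sub(/[ \t\r]+$/, "", val)
            if (val ~ /\\$/) next              # continued line: not evaluated
            if (val == "") { print "ERR", NR, "logdir has no value on this line"; pending = NR }
            else print "DIR", NR, val
        }' "$conf")
    [ -n "$report" ] || { echo "$conf: no active config logdir line"; return 0; }
    rc=0
    while read -r kind line rest; do
        case $kind in
            ERR) echo "$conf($line): $rest"; rc=1 ;;
            DIR) if [ -d "$rest" ]; then echo "$conf($line): logdir ok: $rest"
                 else echo "$conf($line): not a directory: $rest"; rc=1
                 fi ;;
        esac
    done <<EOF
$report
EOF
    return $rc
}

# Constructed sample reproducing the layout from the question.
demo=$(mktemp)
printf 'config logdir:\n\n/var/log/snort/\n' > "$demo"
check_logdir "$demo" || true
rm -f "$demo"
```

Once the directive is on one line, `snort -T -c /etc/snort/snort.conf` makes Snort parse the configuration in test mode and exit, which confirms the file loads.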

Thank you very much. I’ll tell you if I need to. Regards.
