[Snort-inline-users] configuring reporting/logfile questions

[Michael W C. <co...@ca...>]

I've managed to make snort_inline 2.4.3-RC3 work - I think. The ascii
log files are empty (yes, I started with -K ascii), and I don't know
if/how I can log to base or squil (I think that's how it's spelled).
Ideally I'd like to do both, but I'll settle for either.

I'm pretty sure something should be in the logs at this point because
when I accidentally made snort work I had a dozen incidents in an
hour.  I'm fairly certain that it's working because I've configured my
firewall to dump to ip_queue and I can still connect, but I'd be
happier with confirmation.  8-)>

Thanks for any assistance.

Mike-
--
If you're not confused, you're not trying hard enough.
--
Please note - Due to the intense volume of spam, we have installed 
site-wide spam filters at catherders.com.  If email from you bounces,
try non-HTML, non-encoded, non-attachments,