ClearFoundation Tracker - ClearOS |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0001511 | ClearOS | app-intrusion-detection - Intrusion Detection | public | 2014-01-10 11:31 | 2015-11-23 12:38 |
|
| Reporter | NickH | |
| Assigned To | user2 | |
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | no change required | |
| Platform | | OS | | OS Version | |
| Product Version | 6.5.0 | |
| Target Version | | Fixed in Version | | |
|
| Summary | 0001511: Duplicate Snort logging since 6.5 |
| Description | The files /var/log/snort/syslog (and their rotated copies), which are new since 6.5 was released, contain an exact duplicate of the snort entries in /var/log/messages from when snort starts up and this is wrong to me. The cause appears to be a new file, /etc/rsyslog.d/snort.conf, which sends the messages to the new file. This file is missing a trailing "& ~" which would stop the files going to /var/log/messages. If in doubt have a look at /etc/rsyslog.d/ipsec.conf for how it should be done.
Note this is heavily related to bugs 1263 and 1264. |
| Steps To Reproduce | |
| Additional Information | |
| Tags | No tags attached. |
| Relationships | |
| Attached Files | |
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2014-01-10 11:31 | NickH | New Issue | |
| 2014-01-10 11:49 | user2 | Note Added: 0001128 | |
| 2014-01-10 11:49 | user2 | Status | new => resolved |
| 2014-01-10 11:49 | user2 | Resolution | open => no change required |
| 2014-01-10 11:49 | user2 | Assigned To | => user2 |
| 2015-11-23 12:38 | user2 | Status | resolved => closed |