jmcclure

Hello, I am following the Installing an IIS Web Server Logging events to a mysql database and I am receiving the following error when testing my conf file: ERROR: Portscan log file 'log/\portscan.log' could not be opened: No such file or directory. Fatal Error, Quitting.. My snort configuration file is configured as such preprocessor sfportscan: proto { all } memcap { 10000000 } sense_level { low } logfile { \portscan.log } any help would be greatly appreciated! Thanks!

I figured it out..... I think there is a step missing in the install guide "installing an IIS Web Server logging events to a MySQL Database". when configuring the snort.conf file...... in step #2 line # 186 needs to be changed to config logdir: d:\winids\snort\log

Hello, I do have a log folder in the snort folder. The log folder is empty. When I use preprocessor sfportscan: proto { all } memcap { 10000000 } sense_level { low } logfile { portscan.log } it returns this error Decoding Ethernet ERROR: Portscan log file 'log/portscan.log' could not be opened: No such file or directory. Fatal Error, Quitting.. If I disable the portscan by adding the # symbol it returns this error: Decoding Ethernet ERROR: C:\mar21_snortbuild\snort-2.9.8.2-335\src\output-plugins\spo_unified2.c(3 23) Could not open log/merged.log.1465563828: No such file or directory Fatal Error, Quitting.. Thank you for your help so far! any ideas on what I need to do?

I received the same error using the conf file that you provided. ERROR: Portscan log file 'log/\portscan.log' could not be opened: No such file or directory. Fatal Error, Quitting..

here is my snort.conf snort.conf