3.7. The Snort Configuration File

Snort uses a configuration file at startup time. A sample configuration file snort.conf is included in the Snort distribution. You can use any name for the configuration file, however snort.conf is the conventional name. You use the -c command line switch to specify the name of the configuration file. The following command uses /opt/snort/snort.conf as the configuration file.

/opt/snort/snort -c /opt/snort/snort.conf

You can also save the configuration file in your home directory as .snortrc, but specifying it on the command line is the most widely used method. There are other advantages to using the configuration file name as a command line argument to Snort. For example, it is possible to invoke multiple ...

Get Intrusion Detection Systems with Snort: Advanced IDS Techniques Using Snort, Apache, MySQL, PHP, and ACID now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.