Snort.org home  
Got Source? About Snort About Sourcefire Snort FAQ
Sourcefire Network Security - the creators of Snort
Snort News Downloads Snort Docs Rules Snort Community Snort Forums Snort Training
Search Site
Search Rules
Account
email
password
not registered?
user preferences

Snort Forums Archive

Archive Home » Windows » OpenAlertFile() => fopen() alert file log/alert.ids: No such file or directory

Please note that the categories listed below represent an archived version of our forums pages. To view the current version and be able to post and reply to threads, please register and login here to go to the full forums pages.

[ Notice: Full Version of This Topic ]

OpenAlertFile() => fopen() alert file log/alert.ids: No such file or directory


Posted by dietf on December 12, 2006 02:31:16

I cannot be able to start snort service. I am using WinXP SP2 machine. I am getting the message in the subject.Thanks.

Posted by dietf on December 12, 2006 03:10:09

Hi, sorry for disturbing. I have changed
'# output log_tcpdump: tcpdump.log' to output alert_fast: alert.ids
It works.

Posted by itnsua on March 06, 2007 22:55:40

Hi, I also have this problem too,
I change
output log_tcpdump: tcpdump.log --> output alert_fast: alert.ids
It appear
OpenAlertFile() => fopen() alert file log/alert.ids: No such file or directory
so How I do next ?????

Posted by itnsua on March 06, 2007 23:02:31

OK I have the answer wow!
It work

use command

c:\snort\bin \snort -c c:\snort\etc\snort\snort.conf -l c:\snort\log -i 2

let go!

Posted by naya2012 on March 30, 2007 04:34:26

Hi !
I have the same error message, and I don't find the solution.
your solution doesn't work here :(

What can I do ?
Thanks

Posted by games1 on May 10, 2007 09:19:16

I also expect the reply for this question. Please help us !!!!

Posted by LeonW on May 15, 2007 13:21:46

OpenAlertFile() => fopen() alert file log/alert.ids: No such file or directory

This means that snort cannot open the file log/alert.ids

Does the "log" directory exist?
Does the user starting snort have correct permissions to write to the directory?

Posted by afire on July 19, 2007 22:43:02

i have the same question,
my platforms is win2003+iis+acid+mysql+php,

snort works well,and log all the alerts into the file log/alert.ids,but can't log into the mysql,

when i run as :
snort -i2 -vde -c ../rules/test.conf

i got the wrong code :

ERROR: OpenAlertFile() => fopen() alert file log/alert.ids: No such file or directory

anybody know what's wrong with the snort ?

Posted by Ganeshen on February 22, 2008 03:17:35

Please use the following switch along with your command:

-l %path to the snort log directory%

e.g.

-l c:\Snort\log

This should make it work.

Thanks.
site feedback | Terms of Use | Privacy Policy | forum archives ©2007 Snort and Sourcefire are registered trademarks of Sourcefire, Inc. All rights reserved.