Has anyone been able to rotate their snort alert logs using newsyslog?
I have tried several different combinations in the newsyslog.conf file
with out any luck. It will gzip and number the the files, even create
a new one but no alerts are logged into it. My last atempt was this;
#/var/log/snort/alert snort:snort  600  7    *    24   Z  /var/run/snort
_bge0.pid

snort info -> snort-mysql-2.1.3 built from source in pkgsrc

% /usr/pkg/bin/snort -V

-*> Snort! <*-
Version 2.1.3 (Build 27)
By Martin Roesch (roesch@sourcefire.com, www.snort.org)


thanks
-- 
 _
( ) ASCII ribbon campaign   Mark Thomas
 X  against HTML e-mail     www.theswamp.org
/ \