1 -- This file is no longer used if you are using 'snort-mgr' to create the
2 -- configuration. It is left as a sample.
4 -- use ths file to customize any functions defined in /etc/snort/snort.lua
6 -- switch tap to inline in ips and uncomment the below to run snort in inline mode
13 variables = default_variables,
14 -- uncomment and change the below to reflect rules or symlinks to rules on your filesystem
15 -- include = RULE_PATH .. '/snort.rules',
34 -- To log to a file, uncomment the below and manually create the dir defined in output.logdir
35 --output.logdir = '/var/log/snort'
49 enable_signature = true,
52 verdict = 'log', enable_file_type = true, enable_file_signature = true
57 -- To use openappid with snort, install the openappid package and uncomment the below
59 -- app_detector_dir = '/usr/lib/openappid',
61 -- app_stats_period = 60,