SELF-TEST MODE

#verify snort installation
root@dco:~$ snort -V

#test snort configuration
root@dco:~$ sudo snort -T -c /etc/snort/snort.conf 
 * -T is used to test the configuration (self-test mode)
 * -c identifies the configuration file
 * this cmd checks whether there are misconfigurations in the /etc/snort/snort.conf configuration file
 
 * the total snort rules are applied are indicated by: "snort rules read"
 
 * The configuration file is an all-in-one management file for snort. 
   Rules, plugins, detection mechanisms, default actions and output settings are 
   identified in the configuration file. 
    - It is possible to have multiple configuration files for different purposes and 
      cases but can only use one at runtime.

Last updated