Unable to locate snort.conf file

[bisoldi]

I'm having difficulty locating the snort.conf file within the Snort 2.9.8.0 docker image. Can you advise where it's located? I'd like to modify it to output in CSV format.

[jonschipp]

Hello @bisoldi, We don't maintain a file there. Users are supposed to mount files from their filesystem into the container using -r. Something like

./containnsm run ... -r /pcap/test.pcap,~/snort.conf:/etc/snort/snort.conf -- snort -c /etc/snort/snort.conf -r /pcap/test.pcap

I did this off the top of my head so the paths are probably wrong but that's how you would accomplish it. You will probably need all the files snort.conf includes too so it's best to have it all in the a directory locally and then just that directory into the container.

We had plans to start another project that contains all sorts of config files and stuff to go along with ContainNSM but we're currently on hiatus.