Snort日志保持为空

Question

我刚刚安装了snort，并使用它来分析pcap文件。

snort -V

Version 2.9.11.1 GRE (Build 268)
   ''''    By Martin Roesch & The Snort Team: http://www.snort.org/contact#team
           Copyright (C) 2014-2017 Cisco and/or its affiliates. All rights reserved.
           Copyright (C) 1998-2013 Sourcefire, Inc., et al.
           Using libpcap version 1.8.1
           Using PCRE version: 8.39 2016-06-14
           Using ZLIB version: 1.2.8

我运行以分析pcap文件的命令，它应该生成一个日志文件是：

sudo snort -v -c /etc/snort/snort.conf -r test.pcapng

当我转到/var/snort/log时，警报文件为空

在此感谢您的帮助..谢谢