Snort Extra 3.1.77 seems not logging to data_log file while snort is running. If you terminate the process, it flushes stream to the file. I assume this is because we have TextLog_Term(tlog); in tterm in data_log.cc. But, we don't have TextLog_Flush(tlog); in void LogHandler::handle(DataEvent& e, Flow* f) in data_log.cc. I have added TextLog_Flush(tlog); at the end of handle method, and looks like it's working for me now.