Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: loggin issue

From: roman () danyliw com
Date: Thu, 10 May 2001 15:35:26 US/Eastern
Is it logging anywhere else (e.g. to a file)? What does you 
command line look like?  Does it have a "-A", if so remove it.

Roman


I don't get it....

I have Snort 1.7 on OpenBSd

it's telling me it's seeing Packets, it's sending alerts, but I see no data
in mysql....


============================================================================
===
Snort received 5065 packets and dropped 0(0.000%) packets

Breakdown by protocol:                Action Stats:
    TCP: 5048       (99.664%)         ALERTS: 7
    UDP: 0          (0.000%)          LOGGED: 7
   ICMP: 12         (0.237%)          PASSED: 0
    ARP: 0          (0.000%)
   IPv6: 0          (0.000%)
    IPX: 0          (0.000%)
  OTHER: 0          (0.000%)
DISCARD: 0          (0.000%)
=======================================

connect info

Initializing rule chains...
database: compiled support for ( mysql )
database: configured to use mysql
database:          user = ids
database: password is set
database: database name = snortdb
database:          host = 192.168.69.5
database:   sensor name = 192.168.69.12
database:     sensor id = 2
database: using the "log" facility
796 Snort rules read...
796 Option Chains linked into 114 Chain Headers
0 Dynamic rules
+++++++++++++++++++++++++++++++++++++++++++++++++++


I am using ACID to look at the SnortDB
I can see it's registered in the database as a sensor...

I just see no data from it



L8rZ,

  )\_/(
 < o,0 >
    ~
   \ /

KoAps





_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users





---------------------------------------------
This message was sent using Voicenet WebMail.
      http://www.voicenet.com/webmail/



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: