Snort mailing list archives

RE: Snort on ACID Portscan problem


From: "Uhte, Russ" <RussU () RP-L com>
Date: Mon, 26 Aug 2002 12:18:42 -0500

Joshua,
I'm using MySQL for logging...  I had to change the setting in the
snort.conf file that said "output database: log ...." to "output database:
alert".  Something about the preprocessor uses the alert instead of log
function, I think!!
-Russ


-----Original Message-----
From: Joshua Rogers [mailto:josh () ipws com] 
Sent: Monday, August 26, 2002 12:01 PM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Snort on ACID Portscan problem


> Problem solved thanks!!
What was the solution? I am experiencing the same thing; portscan.log file
is full of traffic, but it does not show up in acid.
Thanks,
Joshua Rogers
Webmaster
InterPlanetary Web Services
303-940-2597
IBO# 60092


----- Original Message -----
From: Uhte, Russ
To: Uhte, Russ ; 'snort-users () lists sourceforge net'
Sent: Monday, August 26, 2002 10:22 AM
Subject: RE: [Snort-users] Snort on ACID Portscan problem


Problem solved thanks!!
-Russ
-----Original Message-----
From: Uhte, Russ [mailto:RussU () RP-L com]
Sent: Monday, August 26, 2002 10:54 AM
To: 'snort-users () lists sourceforge net'
Subject: [Snort-users] Snort on ACID Portscan problem


Hello all,
I can't seem to get ACID to look at my portscan.log file.  I have the
statement
$portscan_file = "c:\snort\logs\portscan.log";
in the acid.conf file, however, when I view the site, and click portscan
traffic, nothing shows up... even when there is stuff in the portscan.log
file....
Any ideas would be appreciated!!
Thanks,
Russ

Russ Uhte, CCNA, MCP, A+
Network Administrator
Richmond Power & Light
Parallax Systems Division

---
CONFIDENTIALITY NOTICE: This email and any attachments are for the exclusive
and confidential use of the intended recipient. If you are not the intended
recipient, please do not read, distribute or take action in reliance upon
this message. If you have received this in error, please notify us
immediately by return email and promptly delete this message and its
attachments from your computer system.
---



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users