Snort mailing list archives

Re: Sensor not logging data

From: Erek Adams <erek () theadamsfamily net>
Date: Fri, 11 Oct 2002 13:21:24 -0700 (PDT)

On Fri, 11 Oct 2002, Andy Stein wrote:

I have been tinkering with the snort / acid combination for a few weeks.
Since I upgraded to 1.9, my sensor logs about 50 events and then dies.

ps shows snort is still running on the sensor and netstat -an shows a
connection to the database, but nothing new is going in.

I have reinstalled mysql on the server and also snort and mysql support on
the sensor.

When I first start the daemon, that's when it logs the data, but it stoped
immediately after.


Are you using the DB output (MySQL?) plugin?  If so, I would suggest moving to
BarnYard and using it to connect to the DB instead.

What you are describing _sounds_ like the DB plugin can't keep a connection to
the MySQL DB.  What _state_ is the socket (to the db) in when you look at it
via netstat?

Cheers!

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Sensor not logging data Andy Stein (Oct 11)
- Re: Sensor not logging data Erek Adams (Oct 11)