Snort mailing list archives
ACID -- no alerts being detected but....
From: "vicky Mair" <vickyr () socal rr com>
Date: Tue, 21 Jan 2003 23:18:28 -0800
hi there,

for some reason which i can't seem to nail it, ACID console is not able to display alerts even though "/etc/snort/alert" is being generated with valid data through some test (nmap, pings...etc) that i performed.

my snort process (ps) shows:

    /usr/sbin/snort -A fast -b -l /var/log/snort -d -D -i eth0 -c /etc

snort.conf has database statement as follows:

    output database: alert, mysql, user=root dbname=snort host=192.168.2.102

when i bring up my ACID via the following url i login as user "admin"

    http://localhost/acid/acid_main.php

shows

    database: snort@locahost
    time window: no alert detected
    traffic profile by protocol shows all zeros.

btw, i followed steven scott's manual at http://www.snort.org/docs/snort-rh7-mysql-ACID-1-5.pdf which ....see page 20 for more info.

please let me know if you need any further information.....any insight will be appreciated.

tia,
/vicky