Snort mailing list archives
Re: problem logging
From: "M. Morgan" <mikemorgan () mindspring com>
Date: Tue, 10 Feb 2004 10:59:21 -0500 (GMT-05:00)
Elena, My first guess is that the database table is full of garbage alerts. My advice is too check the file size of your logs and the database size to make sure it isnt jammed full, clear everything out, reboot/restart your services and try again. Just a guess ;) michael -----Original Message----- From: Elena Escolano Torner <eescolano () tissat es> Sent: Feb 10, 2004 7:28 AM To: snort-users () lists sourceforge net Subject: [Snort-users] problem logging Hi everyone, we have installed snort Version 2.0.2 (Build 92) with mysql and acid in a linux machine (debian 2.4.20-2-686). Snort used to work correctly, but since some weeks ago it does not log anything in the alert file, nor in the snort.log file, nor in the acid mysql bbdd. I can not find anything in the logs that could give me a clue of what is happening. Here are the output lines of our snort.conf file: output alert_unified: filename snort.log, limit 128 output alert_fast: alert output database: alert, mysql, user=$user password=$password dbname=snort_log host=aaa.aaa.aaa.aaa port=3306 sensor_name=$sensor_name We have not change anything in the snort.conf, so I do not know why it stop working as it used to. ¿Anyone has experience anything similar? ¿Any idea of what could be happening? Regards and thanks in advance. ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- problem logging Elena Escolano Torner (Feb 10)
- <Possible follow-ups>
- Re: problem logging M. Morgan (Feb 10)
- Re: problem logging Elena Escolano Torner (Feb 10)
- Re: problem logging Jeff Kell (Feb 10)