Snort mailing list archives

sfportscan not writing to BASE


From: Richard Smollett <yawningdogge () gmail com>
Date: Tue, 11 Feb 2014 15:59:14 -0500

After a portscan, my log file contains the following.

Time: 02/11-14:49:22.006688
event_ref: 0
172.28.61.88 -> 172.28.61.39 (portscan) TCP Portscan
Priority Count: 5
Connection Count: 5
IP Count: 1
Scanner IP Range: 172.28.61.88:172.28.61.88
Port/Proto Count: 5
Port/Proto Range: 23:993

So it looks like the preprocessor is working. But in the BASE interface,
portscan traffic remains 0%. My rules are reporting to BASE just fine.
Preprocessor config looks like this.

preprocessor sfportscan: proto { all } scan_type { all } memcap { 10000000 } sense_level { low } logfile { /etc/snort/sfportscan.log }