[Snort-devel] xml output plugin woes
Ivan.Eriksen at ...1859...
Mon Mar 17 02:00:15 EST 2003
(This message has been posted previously on snort-users, sorry for any
We're having problems with the xml output plugin for versions newer than
1.8.3 (that is 1.8.7 and 1.9.x).
Our snort.conf line for this is:
output xml: log, file=/var/log/snortxml
This works fine in 1.8.3, but newer versions are acting strange (see later
The following systems have been tested
Redhat 7.1: Standard server installation (with added libxml2-2.4.9 and
Redhat 8.0: Standard server installation
Result: Everything works fine and xml is appended to the log file.
Result: Only blank lines are inserted into the log file every time a log is
Result: snort service core dumps when trying to write the first alert to xml
Result: at start up the snort service reports: "WARNING: unknown output
plugin: 'xml'". It runs fine, but nothing is written in the snort log file.
All versions have also been compiled from source, but the results are the
More information about the Snort-devel