[Snort-devel] Offering a 64bit version of Snort for Windows?

Michael Steele michaels at ...2826...
Wed Oct 31 20:29:29 EDT 2012


In my snort.conf:

output unified2: filename merged.log, limit 128

This is the first time I've seen these entries.

Michael...


-----Original Message-----
From: beenph [mailto:beenph at ...2499...] 
Sent: Wednesday, October 31, 2012 8:23 PM
To: Michael Steele
Cc: snort-devel at lists.sourceforge.net; barnyard2-devel at ...3154...
Subject: Re: [Snort-devel] Offering a 64bit version of Snort for Windows?

On Wed, Oct 31, 2012 at 8:02 PM, Michael Steele <michaels at ...2826...>
wrote:
> I'm seeing these:
>
> WARNING database [Database()]: Called with Event[0x0] Event Type [0] 
> (P)acket [0x20cebe98]
>
> WARNING database [Database()]: Called with Event[0x0] Event Type [0] 
> (P)acket [0x2096dd70]
>
> WARNING database [Database()]: Called with Event[0x0] Event Type [0] 
> (P)acket [0x2080cc38]
>
> WARNING database [Database()]: Called with Event[0x0] Event Type [0] 
> (P)acket [0x20649a18]
>
> WARNING database [Database()]: Called with Event[0x0] Event Type [0] 
> (P)acket [0x205cd800]
>
> WARNING database [Database()]: Called with Event[0x0] Event Type [0] 
> (P)acket [0x2057fba0]
>
> WARNING database [Database()]: Called with Event[0x0] Event Type [0] 
> (P)acket [0x204fa5b8]
>
> WARNING database [Database()]: Called with Event[0x0] Event Type [0] 
> (P)acket [0x20fa8690]
>
> WARNING database [Database()]: Called with Event[0x0] Event Type [0] 
> (P)acket [0x20cebe98]
>
> WARNING database [Database()]: Called with Event[0x0] Event Type [0] 
> (P)acket [0x2096dd70]
>


Thats because you probably have  output log_unified2   configured in
snort rather than output unified2.

-elz






More information about the Snort-devel mailing list