[Snort-users] Archiving support in Acid 0.9.6b10

Victor Barahona victor.barahona at ...700...
Wed Jun 20 11:55:14 EDT 2001


I had a problem (well a lot) trying the archive support in Acid 0.9.6b10.

I upgrade to the latest snort cvs (1.8 beta6 build 25), then I upgrade the 
database with the new squema v103. The I create another database (v103) that 
will be the archive database.

Problem 1:
If I use the "Archive Alert(s) - copy" with any alert..

Database ERROR:Unknown column 'ip_src0' in 'field list'

Question 1:

The archive database have to have another squema or is the same? It seems 
that it's not founding some items in a table.

Problem 2:
If I use the "Archive Alert(s) - move" with any alert..

'archive_alert2' is an invalid action  (and then the search page)

Question 2:

It's allready implemented this action?

Any ideas? Obviusly I'm making something wrong because nobody post nothing 
about it. :(


"Alone? you are not alone, Bigbrother is watching you"

Victor Barahona Cabezon
http://rincon.uam.es/dir?cw=870938110351562	       PGP ID-0x8750AB79
Soporte Seguridad en red........................http://www.utc.uam.es/ss

More information about the Snort-users mailing list