[Snort-users] Are packets being dropped? (revisited)

Jones, Benny Ben at ...32...
Tue Mar 6 18:09:53 EST 2001


Thanks Vitaly, for your feedback.  I went back and found
your previous post.

However, I'm afraid I've been unable to see this work under
Solaris 8.  I put a line in syslog.conf such that *.debug
gets logged.  As expected, I see lotsa stuff coming into this
log.

But then, when I send my snort process a kill -s USR1 (I'm
trying to recall the exact syntax per the man page), I don't
see the stats.  In fact, it appears that every 2nd time I
issue this command my snort process dies.

I hope it's not operator error, but any suggestions as to
what the problem might be?  Anyone actually getting snort to
dump stats while running in daemon mode?

Thanks a lot.

Benny

-----Original Message-----
From: Vitaly McLain [mailto:twistah at ...93...]
Sent: Saturday, March 03, 2001 11:01 PM
To: Jones, Benny
Cc: snort-users at lists.sourceforge.net
Subject: Re: Antwort: Re: [Snort-users] Are packets being dropped?


I think I posted this already.

grep debug /etc/syslog.conf

Where "*.=debug" is being logged, you'll probably find the stats you're
looking for.

Vitaly McLain
twistah at ...93...
twistah @ OPN & EfNet
"If you don't turn on to politics, politics will turn on you."
       - Ralph Nader




More information about the Snort-users mailing list