[Snort-users] inconsistency in acid-0.9.6b10?

Andreas Hasenack andreas at ...814...
Sun May 20 17:31:34 EDT 2001


I'm looking up an IP address and the table I get says:

Num of sensors	Occurrances as src	As dest.	First					Last
2				   8				  0         2001-05-08 16:27:16 	2001-05-20 18:22:06 


So far, so good. But when I click on that "8" number to see these occurances,
the timestamp doesn't match. I don't get an event with that "first" date
nor with that "last" date, but only events in between.
In fact, that "last" date is the date of the most recent event in my database,
and it has nothing to do with that IP I'm looking up. It doesn't matter what IP I
lookup, I always get as "Last occurance" the most recent event on my database.






More information about the Snort-users mailing list