[Snort-users] Portscans aren't logging to postgresql...

Erek Adams erek at ...577...
Tue Nov 27 13:17:02 EST 2001


On Tue, 27 Nov 2001, Daedalus wrote:

> I've got snort set up to log to postgresql and acid to view/manage it,
> but for some reason it isn't logging portscans to the db.  I can see
> the spp portscan messages in the default alert file and the info is
> collected in portscan.log but nothing makes it to the signature table
> and acid reports 0% traffic from portscans.  Any idea what's wrong?
>
> Also, I have a question about the -A switch when starting snort.
> If I want to log only to the database do I use -A none?  Or, will
> that shut off alerts to the db as well?  Right now snort is logging
> to both the alert file and the db.
>
> BTW I'm using Snort 1.8.2, PostgreSQL 7.1.3 and acid 0.9.6b17

Sure.

http://acidlab.sourceforge.net/acid_faq.html#faq_b7

:)

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net





More information about the Snort-users mailing list