[Snort-users] logsnorter problem

Jason Haar Jason.Haar at ...294...
Sun Oct 28 15:15:01 EST 2001


On Sun, Oct 28, 2001 at 01:14:26PM +0800, Hasnain Atique wrote:
> Hello,
> 

> I'm using Snort 1.8.1 with MySQL 3.23.42, and am now trying to feed
> iptables and PIX logs into the database using logsnorter. Two problems:

Well for a start, logsnorter doesn't support PIX logs...

> First, for iptables, I get the following when I run `logsnorter -v -T
> /var/log/messages`
> 
> logsnorter: Error line 8. Unknown iptables match on line 8: Oct 28 13:10:06 isis kernel: IN=eth1 OUT= MAC=01:00:5e:00:00:01:00:30:80:93:23:54:08:00 SRC=10.214.0.1 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=34156 PROTO=2 
> 

I've had someone else say the iptables subroutine doesn't work (they even
rewrote it for me! :-) - I'll take a look at it.

-- 
Cheers

Jason Haar

Information Security Manager
Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
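
The iptables line quoted in the message above carries a numeric PROTO=2 and no SPT/DPT fields. As an added example (not part of the original message and not logsnorter's code), here is a field-based parser for iptables LOG lines that accepts such entries; the function name, the output keys and the second and third sample lines are constructed for illustration.

```python
import re

# Sample input: line 1 is the entry quoted in the message; lines 2-3 are constructed.
SAMPLE = [
    "Oct 28 13:10:06 isis kernel: IN=eth1 OUT= MAC=01:00:5e:00:00:01:00:30:80:93:23:54:08:00 SRC=10.214.0.1 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=34156 PROTO=2 ",
    "Oct 28 13:11:40 isis kernel: DROP IN=eth0 OUT= MAC=00:10:5a:aa:bb:cc:00:30:80:93:23:54:08:00 SRC=192.0.2.7 DST=10.214.0.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4211 DF PROTO=TCP SPT=40112 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 ",
    "Oct 28 13:12:01 isis crond[411]: (root) CMD (run-parts /etc/cron.hourly)",
]

HEADER = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) (\S+) kernel: (.*)$")
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")  # KEY=value; value may be empty (OUT=)
# The LOG target prints a name for a few protocols and the bare number for
# the rest, so map the common numbers back to names.
PROTO_NAMES = {"1": "ICMP", "2": "IGMP", "6": "TCP", "17": "UDP"}


def parse_iptables(line):
    """Return a dict for an iptables LOG line, or None for anything else."""
    m = HEADER.match(line)
    if not m:
        return None
    when, host, body = m.groups()
    # Text before the first IN= is the rule's optional log prefix.
    prefix, sep, rest = body.partition("IN=")
    if not sep:
        return None
    f = dict(FIELD.findall("IN=" + rest))
    if not {"SRC", "DST", "PROTO"} <= f.keys():
        return None
    proto = f["PROTO"]
    return {
        "time": when,
        "host": host,
        "prefix": prefix.strip(),
        "iface": f["IN"] or f.get("OUT", ""),
        "src": f["SRC"],
        "dst": f["DST"],
        "proto": PROTO_NAMES.get(proto, proto),
        # Ports exist only for TCP/UDP; keep None instead of rejecting the line.
        "sport": int(f["SPT"]) if "SPT" in f else None,
        "dport": int(f["DPT"]) if "DPT" in f else None,
    }


if __name__ == "__main__":
    for entry in SAMPLE:
        print(parse_iptables(entry))
```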



