[Snort-users] New to ACID - need help

Sheahan, Paul (PCLN-NW) Paul.Sheahan at ...2218...
Mon Aug 5 12:00:04 EDT 2002


Hello,

Using Steven Scott's Snort Installation Manual, I just setup a new
ACID/MySQL server running on Red Hat Linux 7.2. I'm using ACID 0.9.5, and
MySQL 3.23.51. I then setup a test Snort sensor (1.8.7) on a separate Linux
7.2 box. I was able get Snort to send some test alerts to the MySQL database
on the ACID server properly, and everything seems to be working otherwise.
Though when I'm using the ACID console, and try to choose items related to
protocols, I get the error:

Query execution error: Unknown column 'ip_src0' in 'field list'

Also, unique alert list information displays normally, though when choosing
unique Source or destination address-related links on the console, I also
get the error:

0 IP addresses were found
Warning: Supplied argument is not a valid MySQL result resource in
/var/www/html/acid/acid_stat_uaddr.php on line 169
Warning: Supplied argument is not a valid MySQL result resource in
/var/www/html/acid/acid_stat_uaddr.php on line 221

Lastly, while checking the "Graph alert detection time" option to see if it
works, I noticed I can only choose year 2001 or less (can't choose the year
2002). I checked and both sensor and server have the correct date and time.

Any ideas?


Thanks!




More information about the Snort-users mailing list