AW: [Snort-users] ACID Reporting and Portscans
Sandro.Poppi at ...3316...
Tue Aug 6 22:12:04 EDT 2002
I suppose you have output database: log ... in snort.conf. Switch to output
database: alert ... and it should work.
> Well, Now Im totaly confused. I am logging to the syslog AND
> to MySQL (For Acid), and in the syslog, Im getting:
> Aug 6 13:21:23 wolfserver snort: spp_portscan: portscan
> status from <ip Address>: 1 connections across 1 hosts:
> TCP(1), UDP(0) , but in Acid, Im not seeing that. The
> portscan.log file has these permissions:
> -rw-rw-r-- 1 root root 67691 Aug 6 13:22 portscan.log
> Any Ideas why its not showing up in Acid?
More information about the Snort-users