[Snort-users] SnortCenter

Jeremy Junginger jjunginger at ...6548...
Wed Aug 7 09:40:03 EDT 2002


Hello,

If you have time to help out, I'm a bit stuck.  I have snortcenter
installed on  a RedHat 7.2 Linux Machine that is already running
ACID/MySQL/PHP/Snort/ADODB.  I am able to pull system status, but it
looks like SnortCenter cannot see snort.

Snort lives at:
/usr/local/snort/

Snort logs live at:
/var/snort_log_storage/

When I add the sensor, I enter the following:

Sensor Name: LabSensor
Sensor IP: x.x.x.x
Sensor Username: userx
Sensor Password: ****
Sensor Agent Type: SnortCenter Client v.1 (SSL enabled)
Interface name to sniff: eth0
Snort command line: /usr/local/snort/snort -c
/usr/local/snort/rules/snort.conf -l /var/snort_log_storage

And when I click the "restart" link within snort center, I get the
following on the web page:

Current config file error:
Log directory = /var/log/snort

Initializing Network Interface eth0
using config file /root/.snortrc
Parsing Rules file /root/.snortrc
ERROR: Unable to open rules file: /root/.snortrc or /root//root/.snortrc
Fatal Error, Quitting..
Initializing Preprocessors!
Initializing Plug-ins!
Initializating Output Plugins!

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains.

And on the host, I get:

Cat: /usr/local/snort/rules/snort_cmd_line.eth0: No such file or
directory.

Any assistance you can provide would be helpful.


Jeremy


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20020807/2d274369/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3248 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20020807/2d274369/attachment.bin>


More information about the Snort-users mailing list