[Snort-users] Re: Snort 1.9 alert_fast output plugin problem

Martin Roesch roesch at ...1935...
Sun Dec 15 11:18:03 EST 2002


On 12/15/02 8:28 AM, "Ueli Kistler" <iuk at ...1171...> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hello
> 
> Output plugin alert_fast has some strange behaviour when the sensor has
> heavy traffic to log (Nessus scan)
> 
> - - Logs are written inside other logs sometimes

Logs or alerts?  Alert_fast is only responsible for writing alerts to the
"alerts" file.

> - -> CRLF will be somewhere you wouldn't expect it e.x.

Examples?

> I didn't test other output plugins, but i think output database plugin
> e.x. is not affected by this problem.
> 
> Regards,
>   Eclipse
>   eclipse at ...5277...
>   www.packx.net
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> 
> iD8DBQE9/IOFad+bo3Jl9EkRAtskAJ9Mf0uqjvexYNHZm2LV+WMJUwJcIwCgidOs
> uaooQP0qYBz5lSiPAgUqANA=
> =iehx
> -----END PGP SIGNATURE-----
> 
> 

-- 
Martin Roesch - Founder/CTO Sourcefire Inc. - (410) 290-1616
Sourcefire: Professional Snort Sensor and Management Console appliances
roesch at ...1935... - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org






More information about the Snort-users mailing list