[Snort-users] Acid Database Logs
bitored2002 at ...3162...
Thu Feb 28 10:07:16 EST 2002
So with alert i will never have anything in my log
--- "McGuire, Barrett" <BCMcGuire at ...5159...>
wrote: > Ran into same thing. When output database
> is "alert", nothing will
> show up in log file. when output database command
> is "log" you will see the
> alert in the log and in Acid. this is by design.
> If you do not use the output database "alert", your
> portscans will not show
> up in Acid.
> I use the output database "alert", so that my
> portscans will show up in
> -----Original Message-----
> From: Kenny D [mailto:bitored2002 at ...3162...]
> Sent: Thursday, February 28, 2002 10:24 AM
> To: snort users
> Subject: [Snort-users] Acid Database Logs
> I have setup snort logging to Acid and have noticed
> something strange. When i view the page
> localhost\Acid\index.html i notice from time to time
> alerts being logged. However these alrtsdo not raise
> snort alarm,(iuse idscenter to send myself an email)
> and nothing is logged in my alert.log file.
> I use the output database command with the alert
> option not log. Why does this happen? Shouldnt i get
> an alert on snort?
> Hope someone can help.
> http://movies.yahoo.com.au - Yahoo! Movies
> - Vote for your nominees in our online Oscars pool.
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or
> Snort-users list archive:
http://movies.yahoo.com.au - Yahoo! Movies
- Vote for your nominees in our online Oscars pool.
More information about the Snort-users