[Snort-users] Acid Database Logs

Kenny D bitored2002 at ...3162...
Thu Feb 28 10:07:16 EST 2002


Thanks,

So with alert i will never have anything in my log
file? 



 --- "McGuire, Barrett" <BCMcGuire at ...5159...>
wrote: > Ran into same thing.  When output database
command
> is "alert", nothing will
> show up in log file.  when output database command
> is "log" you will see the
> alert in the log and in Acid.  this is by design.
> 
> If you do not use the output database "alert", your
> portscans will not show
> up in Acid.
> 
> I use the output database "alert", so that my
> portscans will show up in
> Acid.
> 
> bcmcg
> 
> -----Original Message-----
> From: Kenny D [mailto:bitored2002 at ...3162...]
> Sent: Thursday, February 28, 2002 10:24 AM
> To: snort users
> Subject: [Snort-users] Acid Database Logs
> 
> 
> Hi,
> 
> I have setup snort logging to Acid and have noticed
> something strange. When i view the page
> localhost\Acid\index.html i notice from time to time
> alerts being logged. However these alrtsdo not raise
> a
> snort alarm,(iuse idscenter to send myself an email)
> and nothing is logged in my alert.log file.
> 
> I use the output database command with the alert
> option not log. Why does this happen? Shouldnt i get
> an alert on snort?
> 
> Hope someone can help.
> 
> Rgds.
> 
> http://movies.yahoo.com.au - Yahoo! Movies
> - Vote for your nominees in our online Oscars pool.
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or
> unsubscribe:
>
https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
>
http://www.geocrawler.com/redir-sf.php3?list=snort-users 

http://movies.yahoo.com.au - Yahoo! Movies
- Vote for your nominees in our online Oscars pool.




More information about the Snort-users mailing list