[Snort-users] Acid and Sensor ID's

Hall, Duane Duane.Hall at ...4888...
Mon Jul 29 11:14:04 EDT 2002


This is an update on what I did to fix my particular problem.  It may seem stupid, but what I did was to place the FQDN in the hosts file and the short host name.  

I have 3 different sensors logging to a separate mysql machine with ACID.  After I placed the FQDN in the hosts file it worked fine.  I guess when I rebooted the mysql server and that particular sensor it failed to pick up its hostname correctly.  Maybe this will help someone else in the future.

Duane


Duane Hall
Security Administrator
Hastings Entertainment
Duane.Hall at ...4888...

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GIT d+ s:- a- C+ UL++ P+ L++ E--- W++ N++ o K- w--- 
O- M-- V-- PS PE Y PGP t++ 5 X R- tv+ b+ DI++ D+ 
G e+ h---- r+++ y++++ 
------END GEEK CODE BLOCK------

		-----Original Message-----
		From:	Hall, Duane [mailto:Duane.Hall at ...4888...]
		Sent:	Monday, July 29, 2002 10:47 AM
		To:	Snort Userslist
		Subject:	[Snort-users] Acid and Sensor ID's

		I had to reboot a sensor over the weekend and now the sensor number in ACID has changed.  Now the alerts are not logging correctly.  Any ideas?

		Duane

		Duane Hall
		Security Administrator
		Hastings Entertainment
		Duane.Hall at ...4888...

		-----BEGIN GEEK CODE BLOCK-----
		Version: 3.12
		GIT d+ s:- a- C+ UL++ P+ L++ E--- W++ N++ o K- w--- 
		O- M-- V-- PS PE Y PGP t++ 5 X R- tv+ b+ DI++ D+ 
		G e+ h---- r+++ y++++ 
		------END GEEK CODE BLOCK------


		-------------------------------------------------------
		This sf.net email is sponsored by: Dice - The leading online job board
		for high-tech professionals. Search and apply for tech jobs today!
		http://seeker.dice.com/seeker.epl?rel_code1
		_______________________________________________
		Snort-users mailing list
		Snort-users at lists.sourceforge.net
		Go to this URL to change user options or unsubscribe:
		https://lists.sourceforge.net/lists/listinfo/snort-users
		Snort-users list archive:
		http://www.geocrawler.com/redir-sf.php3?list=ort-users




More information about the Snort-users mailing list