[Snort-users] Snort-Running But not Logging....!!

McCammon, Keith Keith.McCammon at ...3497...
Mon Mar 4 06:38:27 EST 2002


Not really familiar with Linux, but have you tried doing a touch on the
file?  Under some circumstances, I have to touch my alert file (using
FreeBSD) before Snort can write to it.  This usually happens when I'm
testing, and doing a lot of alert file deletion, etc.

Just a Monday morning thought...

-----Original Message-----
From: kamesh_rajaram at ...4543... [mailto:kamesh_rajaram at ...4543...]
Sent: Monday, March 04, 2002 2:48 AM
To: snort-users at lists.sourceforge.net
Cc: DEMARC-Users at ...2629...
Subject: [Snort-users] Snort-Running But not Logging....!!


Hi Snort/Demarc Users....!!
	This is abt a strange behaviour of snort 1.8.3. I am using
DEMARC console to monitor in a Linux 7.0 server with 2 ethernet cards.
My problem is that snort is running, but not logging any of the packets
that come to the network. The ifconfig command shows that the packets
are being picked by the NIC. If i stop & restart it, it works fine. I am
unable to figure out the problem... Is there any log that tells me of
this kind of a problem...?? Or what can be done to solve this
problem......Any advice in this regard will be helpful...




More information about the Snort-users mailing list