[Snort-users] Acid Not Logging
roman at ...438...
Wed Mar 20 08:54:05 EST 2002
ACID only reads what is logged to the database. Have you configured snort to
log to the database?
On Wed, 20 Mar 2002 06:54:34 -0800 (PST), a s <agpiah at ...131...> wrote :
> I've just installed snort for the first time following
> the instruction of the silicon defense website with
> snort running as a service with MySql and Acid to log
> the alerts.
> If I manually start snort with "snort -v -i2" I can
> see traffice following in the screen. However I am now
> running the snort conf file 18.104.22.168 (2002/02/18)
> which shows snort ruleset 1.8.1 and I am not getting
> any alerts comming through to the ACID alert panel or
> any analysis of traffic profile by protocol.
> Does anyone have a conf file that would log all trafic
> (like running snort -v -i2) so I could see if / when
> ACID is in fact logging, I thought this may be easier
> than changing all the registry keys etc that I have
> now set up with running snort as a service.
> Mental note, Next time I'll check it is all working
> before installing as a service, not just snort !!
> I have scanned the box Snort is running on with Nmap
> and not a flicker.
> Thanks in advance
> Do You Yahoo!?
> Yahoo! Sports - live college hoops coverage
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
More information about the Snort-users