[Snort-users] (no subject)
jgiles at ...6534...
Tue Sep 24 16:00:04 EDT 2002
Im not too sure about the exit problem, but I use ACID (Analysis Console for
Intrusion Databases) and a MySQL server to store all my IDS data. Then I can call up
the ACID database and look through all the garbily gook that snort puts out(Keep in
mind that this is importiant garbily gook :-P).
I belive there is a link on the snort website that has documentation for this type
Let me know if you need aditional help ..
And, Good luck with the Exit Error problem :)
Roger Parx writes:
> I am new to Snort and have a few nagging questions for the
>merciful person who can spare time to reply to this mesage.
>1) I set Snort1.8 to run on a Redhat linux7.2 based machine over
>the week-end and found snort halted on monday with the following
>message on screen: Received signal 3, exiting.
>Is that a default timeout programmed into snort to prevent it
>from running for prolonged time?
>How is it different from the "Received signal 2, exiting" signal
>that we get when we exit snort using Ctrl+C.
>2) How can I search the content of multiple log files/folders
>simultaneously for a string?
>For example after I have logged sufficient traffic using the
>command: snort -dev ./snortlog
>( snortlog is the folder I want to log thetraffic in )
>how can I search through the traffic of a range of ip addresses,
>which are saved in folders (named after the ip addresses)
>RogerGet more from the Web. FREE MSN Explorer download :
More information about the Snort-users