[Snort-users] (no subject)

Joe Giles jgiles at ...6534...
Tue Sep 24 16:00:04 EDT 2002


Im not too sure about the exit problem, but I use ACID (Analysis Console for 
Intrusion Databases) and a MySQL server to store all my IDS data. Then I can call up 
the ACID database and look through all the garbily gook that snort puts out(Keep in 
mind that this is importiant garbily gook :-P).

I belive there is a link on the snort website that has documentation for this type 
of setup. 

Let me know if you need aditional help ..

Thanks

And, Good luck with the Exit Error problem :)

Joe

Roger Parx writes:
>Hi
>  I am new to Snort and have a few nagging questions for the
>merciful person who can spare time to reply to this mesage.
>
>1) I set Snort1.8 to run on a Redhat linux7.2 based machine over
>the week-end and found snort halted on monday with the following
>message on screen: Received signal 3, exiting.
>Is that a default timeout programmed into snort to prevent it
>from running for prolonged time?
>How is it different from the "Received signal 2, exiting" signal
>that we get when we exit snort using Ctrl+C.
>
>
>2) How can I search the content of multiple log files/folders
>simultaneously for a string?
>For example after I have logged sufficient traffic using the
>command: snort -dev ./snortlog
>( snortlog is the folder I want to log thetraffic in )
>how can I search through the traffic of a range of ip addresses,
>which are saved in folders (named after the ip addresses)
>
>Thank you
>
>RogerGet more from the Web.  FREE MSN Explorer download :
>http://explorer.msn.com
>




More information about the Snort-users mailing list