[Snort-users] about idmef xml

lucy lee kidlucy88 at ...131...
Wed Apr 16 19:53:10 EDT 2003


Hi all,
   I can't get any alerts in idmef xml form.I want to
know whether snort-1.9.0-idmef-1.1.tar.gz itself has
bugs or i have error operation? 
   Now i just get xml declaration in
idmef-messages.log, alert_id_num always 
not be written and empty. messages given by run is
such as :
  IDMEF(): Unknown caller type, returning
  IDMEF(): not an IDMEF rule, returning
or 
  IDMEF:cannot output messages on a NULL facility
or 
  Segmentation fault
  while rules have been appended using option such as
"idmef:default" by me.libxml2,libidmf and libntp all
have been installed. I run snort as root right,too. 
  I'm very anxious.Who can paste process about snort
with idmef xml and give me more suggestions?

  thanks in advance!

Lucy

__________________________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo
http://search.yahoo.com




More information about the Snort-users mailing list