[Snort-users] snort and guardian
b.brombach at ...9655...
Tue Aug 19 06:15:18 EDT 2003
i have got an urgent problem using snort and guardian.
I configured snort to write alerts to syslog (alerts are stored in
/var/log/messages) and mysql database.
I configured guardian to the /var/log directory to hopefully use the
SuSe 8.2 is the system i have running and snort and guardian are newest
As guardian seems to run fine but just doesnt do anything i changed the
guardian_block.sh to just print some text to screen and write into a file.
But even with attacks using snot theres no reaction from guardian.
I tried to use snort -A Fast and use the snort.alert file for guardian but
no reaction as well.
I checked the log files, the alerts are stored there.
I started guardian in debug mode but did never get any debug information on
Do i have to configure snort in a special way to make guardian use the
If you have guardian running please send me hints on how to get mine working
as well, or your starting command with configuration options for snort and
Thanks for any help and reply.
More information about the Snort-users