[Snort-users] Snort 2.0.0, Running but no activity. No logging

Ilo Lorusso ilo at ...9183...
Thu May 15 06:05:03 EDT 2003


Hi,
Ive recently installed the latest version of Snort being Snort 2.0.0.
Now Ive configured it to do fast_alerts and send alerts to SYSLOG which is not happening.

  output alert_syslog: LOG_AUTH LOG_ALERT
  output alert_fast: /var/log/snort.log

Now when i in the foreground and I get the Break down by protocal report after
snort being stopped it gives no traffic break down after specifying how many packets it analyzed 
which im sure its ment to do. 

===============================================================================
Snort analyzed 573 out of 1041 packets, dropping 468(44.957%) packets

Breakdown by protocol:                Action Stats:
    TCP: 0          (0.000%)          ALERTS: 0
    UDP: 0          (0.000%)          LOGGED: 0
   ICMP: 0          (0.000%)          PASSED: 0
    ARP: 0          (0.000%)
  EAPOL: 0          (0.000%)
   IPv6: 0          (0.000%)
    IPX: 0          (0.000%)
  OTHER: 0          (0.000%)
DISCARD: 0          (0.000%)
===============================================================================
Wireless Stats:
Breakdown by type:
    Management Packets: 0          (0.000%)
    Control Packets:    0          (0.000%)
    Data Packets:       0          (0.000%)
===============================================================================
Fragmentation Stats:
Fragmented IP Packets: 0          (0.000%)
    Fragment Trackers: 0
   Rebuilt IP Packets: 0
   Frag elements used: 0
Discarded(incomplete): 0
   Discarded(timeout): 0
  Frag2 memory faults: 0
===============================================================================
TCP Stream Reassembly Stats:
        TCP Packets Used: 0          (0.000%)
         Stream Trackers: 0
          Stream flushes: 0
           Segments used: 0
   Stream4 Memory Faults: 0
===============================================================================

Any Ideas why this is not happening?


Thanks,
Ilo Lorusso.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20030515/cb75f2be/attachment.html>


More information about the Snort-users mailing list