[Snort-users] ACID displaying 0 Sensors
bgregor at ...9225...
Tue May 20 05:02:14 EDT 2003
That is normal until you get an alert,
Are you on the same network as the sensor. If so you may need to add an
alert in order to get ACID to display a message. You need to
etc/rules/local.rules file and add this line:
alert ip !$HOME_NET any -> $HOME_NET any (msg:"LOCAL ACIDTEST";)
This should generate tons of alerts in acid,
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Kuriscak,
Sent: Monday, May 19, 2003 3:20 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] ACID displaying 0 Sensors
My apologizes if my question is amateurish, but I am having difficulty in
configuring my ACID console to display alerts. ACID seems to be working
(MYSQL database & snort appear to also be working) but I have a big " 0
sensors" displaying through the console?
Any assistance is greatly appreciated.
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
More information about the Snort-users