[Snort-users] ACID displaying 0 Sensors

Brian Gregorcy bgregor at ...9225...
Tue May 20 05:02:14 EDT 2003


That is normal until you get an alert,

Are you on the same network as the sensor.  If so you may need to add an
alert in order to get ACID to display a message.  You need to
etc/rules/local.rules file and add this line:
alert ip !$HOME_NET any -> $HOME_NET any (msg:"LOCAL ACIDTEST";)

This should generate tons of alerts in acid,

good luck

b


-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Kuriscak,
Ronald
Sent: Monday, May 19, 2003 3:20 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] ACID displaying 0 Sensors


My apologizes if my question is amateurish, but I am having difficulty in
configuring my ACID console to display alerts. ACID seems to be working
(MYSQL database & snort appear to also be working) but I have a big " 0
sensors" displaying through the console?

Any assistance is greatly appreciated.

Thanks.

Ron


-------------------------------------------------------
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users





More information about the Snort-users mailing list