[Snort-users] problem logging

Elena Escolano Torner eescolano at ...10780...
Tue Feb 10 08:52:05 EST 2004


Good afternoon,
the database is not full, we have another two sensors writting on  it without problem.
We removed all the logs and reboot the snort several times but nothing change.

"M. Morgan" wrote:

> Elena,
>  My first guess is that the database table is full of garbage alerts. My advice is too check the file size of your logs and the database size to make sure it isnt jammed full, clear everything out, reboot/restart your services and try again.
>
> Just a guess ;)
>
> michael
>
> -----Original Message-----
> From: Elena Escolano Torner <eescolano at ...10780...>
> Sent: Feb 10, 2004 7:28 AM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] problem logging
>
> Hi everyone,
> we have installed snort Version 2.0.2 (Build 92) with mysql and acid in
> a linux machine (debian 2.4.20-2-686).
>
> Snort used to work correctly, but since some weeks ago it does not log
> anything in the alert file, nor in the snort.log file, nor in the acid
> mysql bbdd.
>
> I can not find anything in the logs that could give me a clue of what is
> happening.
>
> Here are the output lines of our snort.conf file:
> output alert_unified: filename snort.log, limit 128
> output alert_fast: alert
> output database: alert, mysql, user=$user password=$password
> dbname=snort_log host=aaa.aaa.aaa.aaa port=3306 sensor_name=$sensor_name
>
> We have not change anything in the snort.conf, so I do not know why it
> stop working as it used to.
>
> ¿Anyone has experience anything similar? ¿Any idea of what could be
> happening?
>
> Regards and thanks in advance.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: eescolano.vcf
Type: text/x-vcard
Size: 628 bytes
Desc: Card for Elena Escolano Torner
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20040210/e64b45e3/attachment.vcf>


More information about the Snort-users mailing list