[Snort-users] Trouble to log trace into database

Senthil Prabu.S prabu333 at ...8908...
Fri Nov 19 23:32:00 EST 2004


> Hi,
> I have a trace file with some packets I am trying to analyze. I am trying 
> to
> load the trace into a mysql database but nothing gets logged.
> My rules file looks like this:
> # RULES
> log tcp any any -> any any
> log udp any any -> any any
>
> And if I just run snort without loading from file, this rules logs every 
> tcp
> and udp header just fine into the database. Now when I run:
> C:\Snort\bin>snort -r c:\trace.eth -c c:\Snort\etc\snort-mod.conf \
> -l c:\Snort\log
>
> I do not get any error but nothing gets logged to the database. See below
> Can anyone give me a hint of what am I doing wrong?

Hi,
     I have tested just now the same rules set to a tcpdump
 captured file.It logged all my alerts and logs.
Are you able to read tcpdump file through other tools?
Then,Checkout your snort database setting.


--
Senthil prabu.S

If you are smart enough to know that you're not smart enough to be an
Engineer, then you're in Business.
_________________________________________________________________ 






More information about the Snort-users mailing list