[Snort-users] Acid shows sensors as 0

Kevin Johnson kjohnson at ...12400...
Tue Nov 23 11:17:01 EST 2004


On Tue, 2004-11-23 at 14:07, Gentian Hila wrote:
> Hi all, 
> 
> 
> 
> I have snort configured on Fedor core 2. Everything went well and I 
> installed Acid as well. Snort runs, mysql runs. I was able to create
> the tables and granting the permissions. Everything went just fine.
> The problem I am having is acid is not displaying any traffic. I have
> seen the snort logs and
> they have traffic. Could someone please tell me why acid is not 
> displaying any traffic.  
> The acid page shows sensors as 0.

It would appear to me that Snort is not logging to the database. 
ACID/BASE will only display traffic that has made it to the database.  A
simple test would be to run the following SQL command and see if it
returns a count above 0....

SELECT count(*) FROM `sensor`;

This will let you know if the sensor is even connecting to the
database.  

Let me know if you need any more help.
Kevin Johnson
-------------------
BASE Project Lead
http://sourceforge.net/projects/secureideas
http://base.secureideas.net
The next step in IDS analysis!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20041123/1d8f099f/attachment.sig>


More information about the Snort-users mailing list