[Snort-users] No alerts on ACID

prabu prabu333 at ...8908...
Sun Oct 17 21:24:11 EDT 2004


Is Snort able to capture packets on your network?

If so, is Snort logging alerts to your database?
        Before running ACID, you can check whether your Snort database is getting all the logging details from the
        sensor by executing the following SQL query:

        # echo "SELECT count(*) FROM event" | mysql snort_db -u root  -p
         Executing the above query on my system has produced the value:
           count(*)
           4406
        #

        Here, my MySQL database (named snort_db) contained 4406 alerts. If no alerts are found in the database (i.e. a 0 is returned).
This will help you to check whether Snort is logging alerts into your database or not. You must check this before running ACID.

If you still find a problem, write to me; I will send a simple and easier configuration file to set up Snort-MySQL-ACID.

Cheers,
Prabu.S

  ----- Original Message ----- 
  From: support 
  To: snort-users at lists.sourceforge.net 
  Sent: Sunday, October 17, 2004 9:15 PM
  Subject: [Snort-users] No alerts on ACID


  Hi all,

   

  I have done the complete installation of snort on Redhat 9, mysql, php. The acid console is opening properly but there are no alerts generating. Also I have the following line in my snort.conf file:

  output database: log, mysql, user=snort password=password dbname=snort host=localhost

   

  Is there something which is missing ... need your help

   

  Regards,

  Raj

   

   

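The check described in the reply, as an added example that is not part of either message: the question's `output database:` directive names `dbname=snort` while the reply's query targets `snort_db`, so this sketch reads the database name, user and host from snort.conf and runs the count against that database. The function names and result strings are hypothetical, and the path in the usage comment is an assumption.

```shell
#!/bin/sh
# Added example; helper names are hypothetical, not part of Snort or ACID.
# Usage (conf path is an assumption): check_snort_logging /etc/snort/snort.conf

# Print the value of KEY (user, dbname, host, ...) from the first active
# (uncommented) "output database:" directive in a snort.conf-style file.
snort_db_param() {  # snort_db_param <conf-file> <key>
    sed -n 's/^[[:space:]]*output[[:space:]]\{1,\}database:[[:space:]]*//p' "$1" |
        head -n 1 | tr ' ,' '\n\n' | sed -n "s/^$2=//p" | head -n 1
}

# Interpret the number returned by "SELECT count(*) FROM event".
diagnose_event_count() {  # diagnose_event_count <count>
    case "$1" in
        ''|*[!0-9]*) echo "query-failed" ;;             # no numeric result
        0)           echo "snort-not-logging" ;;        # problem is before ACID
        *)           echo "snort-logging-check-acid" ;; # rows exist, look at ACID
    esac
}

# Run the count against the database Snort is configured to write to.
check_snort_logging() {  # check_snort_logging <conf-file>
    db=$(snort_db_param "$1" dbname)
    user=$(snort_db_param "$1" user)
    host=$(snort_db_param "$1" host)
    [ -n "$db" ] || { echo "no-output-database-directive"; return 1; }
    # -N drops the count(*) header, -B gives batch output, -p prompts for the
    # password so it is not placed on the command line.
    n=$(echo "SELECT count(*) FROM event" |
        mysql -N -B -h "${host:-localhost}" -u "$user" -p "$db" 2>/dev/null)
    diagnose_event_count "$n"
}
```
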