[Snort-users] Can't get Swatch to run

Michael.Spotz at ...194... Michael.Spotz at ...194...
Thu Oct 21 15:11:00 EDT 2004

I know some of you are running Swatch with Snort.  I've been unable to get Swatch
to run.  Here's hoping someone can help.

I've installed Swatch on a Sun E220R server running Solaris 8.

If I run the following command:

     "./swatch --tail-file=/var/log/syslog --tail-args -10"

I get the following message:

     "*** swatch version 3.1.1 (pid:710) started at Tue Oct 12 14:09:12 EDT 2004"

But if I run:  " ps -ef | grep swatch"

I get the following message:

     "root   714 28927  0 14:09:26 pts/14   0:00 grep swatch"

And if I run:  "ps -p 710"

I get the following message:

     "PID TTY      TIME CMD"

Obviously, swatch is not running.  Any help will be appreciated.  Thanks very much.

More information about the Snort-users mailing list