[Snort-users] No alerts on ACID

support support at ...12306...
Fri Oct 22 05:17:48 EDT 2004


Hi all,

Thanks for all the help.
I finally got the alerts on my console.
Prabhu: Your SQL command below was really very helpful.
The reason I ask such silly questions is that I am not aware of Linux or
MySQL, even though I just made it work, thanks to Patrick's documents and
all others.

But a small query: the below-mentioned command does show me 145 alerts,
and the console also shows me that 145 alerts were added to the cache.
How do I clear this alert cache, since I have limited disk space?
 
Raj
________________________________________________________________________
_____________________________________________________
SITEL INDIA LTD.
4 A, Park Davis Complex(main)
Sakinaka,
Andheri-Kurla Road,
Mumbai 4000072,
India. 
Tel      : 91-22-2820131,28522657
FAX     : 91-22-28561659
IPLC    :402-536-4179  
*e-mail:  <mailto:support at ...12306...> support at ...12306...
 
-----Original Message-----
From: prabu [mailto:prabu333 at ...8908...] 
Sent: Monday, October 18, 2004 9:53 AM
To: support; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] No alerts on ACID
 
Is Snort able to capture packets on your network?

If so, is Snort logging alerts to your database?
Before running ACID, you can check whether your Snort database is
getting all the logging details from the sensor by executing the
following SQL query:

        # echo "SELECT count(*) FROM event" | mysql snort_db -u root  -p

Executing the above query on my system produced the value:

           count(*)
           4406
        #

Here, my MySQL database (named snort_db) contained 4406 alerts. If no
alerts are found in the database (i.e. a 0 is returned).
This will help you to check whether Snort is logging alerts into your
database or not. You must check this before running ACID.

If you still find a problem, write to me; I will send a simple and easier
configuration file to set up the Snort-MySQL-ACID setup.
 
Cheers,
Prabu.S
 
----- Original Message ----- 
From: support <mailto:support at ...12306...>  
To: snort-users at lists.sourceforge.net 
Sent: Sunday, October 17, 2004 9:15 PM
Subject: [Snort-users] No alerts on ACID
 
Hi all,
 
I have done the complete installation of Snort on Red Hat 9, MySQL and
PHP. The ACID console is opening properly, but there are no alerts being
generated. Also, I have the following line in my snort.conf file:

output database: log, mysql, user=snort password=password dbname=snort host=localhost

Is there something which is missing? ...need your help
 
Regards,
Raj
 
 