[Snort-users] Very Limited Alerting In ACID
eric at ...12407...
Tue Sep 28 09:17:04 EDT 2004
I am setting up my first Snort Sensor on a Debian Sarge box.
I've used the apt-get packages for snort, mysql, Apache, and ACID.
Everything appears to be working, except I get only a few alerts that show
up in the ACID display. When I look at my /var/log/snort directory, the
alert and tcpdump files are being changed as new alerts occur. Upon
inspection of the log files I see the alerts I am testing, but the ACID
display shows nothing. If I run an NMAP scan against the sensor, it
lights up every time in ACID!!
Can anyone give me some hints what I may be missing??
CC me on the response since I get this list in digest form.