[Snort-users] (no subject)

M. Shirk shirkdog_list at ...125...
Mon Aug 1 14:06:00 EDT 2005


That was a fuxor of language :-)

> > Is the output getting to the DB you defined??

What current analysis tool are you using? ACID/BASE/SnortSnarf (and others)

You can just connect to the DB and run SQL queries to find the last entry in 
the DB.

Shirkdog
http://www.shirkdog.us



>From: Jason Benway <benwaynet at ...11827...>
>Reply-To: Jason Benway <benwaynet at ...11827...>
>To: "M. Shirk" <shirkdog_list at ...125...>
>CC: snort-users at lists.sourceforge.net
>Subject: Re: [Snort-users] (no subject)
>Date: Mon, 1 Aug 2005 15:23:53 -0400
>
>That is the only output command I have in my config.
>
>What do you mean by "Is the output getting the DB you defined??"
>
>I have old data in the database from before I upgraded.
>
>Is there an easy way I could dump all the data from the database so I
>can see if any new data is being written to the database?
>
>I'm running snort from the snortd deamon. so I'm not sure what
>commands are being passed.
>
>jb
>
>On 8/1/05, M. Shirk <shirkdog_list at ...125...> wrote:
> > Do you have any other output plugins specified?
> >
> > Is the output getting the DB you defined??
> >
> > (one more for question)
> > What command lines arg's are you passing to snort?
> >
> > Shirkdog
> > http://www.shirkdog.us
> >
> >
> >
> > >From: Jason Benway <benwaynet at ...11827...>
> > >Reply-To: Jason Benway <benwaynet at ...11827...>
> > >To: snort-users at lists.sourceforge.net
> > >Subject: [Snort-users] (no subject)
> > >Date: Mon, 1 Aug 2005 14:55:30 -0400
> > >
> > >I've running snort 2.3.3.
> > >
> > >Since I starting using the snort.conf from version 2.3.3, It seems
> > >like snort is only writting to the log files. My configur looks like
> > >this:
> > >
> > >output database: log, mysql, user=snort password=**********
> > >dbname=snort host=localhost sensor_name=grand_haven
> > >
> > >my /var/log/snort/eth0
> > >and
> > >/var/log/snort/eth1
> > >are full of log files.
> > >
> > >thanks,jb
> > >
> > >
> > >-------------------------------------------------------
> > >SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
> > >from IBM. Find simple to follow Roadmaps, straightforward articles,
> > >informative Webcasts and more! Get everything you need to get up to
> > >speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
> > >_______________________________________________
> > >Snort-users mailing list
> > >Snort-users at lists.sourceforge.net
> > >Go to this URL to change user options or unsubscribe:
> > >https://lists.sourceforge.net/lists/listinfo/snort-users
> > >Snort-users list archive:
> > >http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
> > _________________________________________________________________
> > On the road to retirement? Check out MSN Life Events for advice on how 
>to
> > get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
> >
> >
> >
> > -------------------------------------------------------
> > SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
> > from IBM. Find simple to follow Roadmaps, straightforward articles,
> > informative Webcasts and more! Get everything you need to get up to
> > speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >

_________________________________________________________________
Don’t just search. Find. Check out the new MSN Search! 
http://search.msn.click-url.com/go/onm00200636ave/direct/01/





More information about the Snort-users mailing list