[Snort-users] Snort 2.6.1 Stops Logging
Jason.Haar at ...294...
Wed Nov 22 03:02:05 EST 2006
Martin Roesch wrote:
> One thing you could do to help us figure out what's going on is to
> run gdb and attach it to the Snort process. Once it's attached, run
> a backtrace and if the program is stuck in function it should be very
> Can you try that and post the backtrace?
Sure can. My newly upgraded 2.6.1 system still shows the same symptoms -
and they kicked in after <1 hour of starting.
I have three snort-mysql's processes running on this particular box -
two are in the "S" (sleep) state and the broken one is stuck in "R"
(running). Attaching to that process with strace shows ZERO activity -
normally you'd expect to see lines of text per packet. So it's
gdb --pid=PID followed by a BT attached.
PS: this is on a CentOS4.4 system, with kernel 2.6.18 (non-smp)
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
More information about the Snort-users