[Snort-users] I wanna log packets to database of which the ip_src is my own pc, but failed.
xcst at ...15456...
Sun Dec 11 19:56:43 EST 2011
I wanna log packets to database of which the ip_src is my own pc, but failed.
I'm using snort in win7.
We know that using snort in its sniffer mode we can log a lot of packets
into a file, and now I want to log them to a mysql server. I enabled
the database output plugin in the snort.conf and customized a rule: log
icmp any any <> any any (sid:1;) as a test. Everything is OK and I used
a PC whose ip is 172.18.186.186 to ping another, 172.18.186.189. What I
hope to get is 8 records, among which there would be 4 records
whose ip_src is 172.18.186.186. However, I just got 4 records and
their ip_dst are 172.18.186.186 while the ip_src are 172.18.186.186.
OK, that's my problem. How can I get the 8 records I want to see? Could
Thanks in advance.