[Snort-users] SNORT-2.9.4 Installed properly but NOT Logging ALERTS

ARUN PUSHKAR arunpushkar at ...11827...
Wed Feb 20 11:02:56 EST 2013


*USING snort 2.9.4, daq 2.0.0, snortrules-snapshot-2940

I have installed Snort, and after installation, when I run the following:*

sudo snort -c /usr/local/snort/etc/snort.conf --dump-dynamic-rules=/usr/local/snort/so_rules

*I get:*

Finished dumping dynamic rules.

Snort exiting

*When I run this:*

sudo snort -c /usr/local/snort/etc/snort.conf -T -l /var/log/snort

*I get:*

Snort successfully validated the configuration!

Snort exiting

*When I run:*

/usr/local/snort/bin/snort -i eth0

*I can see traffic, but when I use 'curl http://testmyids.com' for testing
the Snort installation, it does not give any alert in the unified2 file which is
being logged in /var/log/snort*

*The snort config file has this line for logging into the unified file:*

output unified2: filename unified.snort.alert, limit 128

*And for starting snort I am using:*

sudo snort -c /usr/local/snort/etc/snort.conf -l /var/log/snort -i eth0

*Everything seems to be right, but why is it not logging alerts?*


-- 
Arun Pushkar
09043404301