[Snort-users] No data and alarm log

James Lay jlay at ...13475...
Wed Jun 5 07:55:41 EDT 2013


On Jun 4, 2013, at 6:51 PM, Xiaoxu Huang <xhuang at ...10346...> wrote:

> James,
> 
> Thanks for the help.
> 
> Please see the following.
> 
> Best Regards,
> 
> Xiaoxu
> 
> snort -A fast -l /var/log/snort -c /etc/snort/snort.conf
> Running in IDS mode
> 
>        --== Initializing Snort ==--
> 
> ============================================================================
> ===
> Run time for packet processing was 68.6272 seconds
> Snort processed 135 packets.
> Snort ran for 0 days 0 hours 1 minutes 8 seconds
>   Pkts/min:          135
>   Pkts/sec:            1
> ============================================================================
> ===
> Packet I/O Totals:
>   Received:          135
>   Analyzed:          135 (100.000%)
>    Dropped:            0 (  0.000%)
>   Filtered:            0 (  0.000%)
> Outstanding:            0 (  0.000%)
>   Injected:            0


Ok that looks good…it looks like you didn't have any behaviors that caused the IDS to fire off (not a surprise for only 135 packets ;)).  Let it run for a day and see how it goes :)

James


