[Snort-users] Snort only partially alerting.

Frank Calone fc10011001 at ...11827...
Fri Jun 14 15:50:23 EDT 2013

I added the following option to the command line:
-k none

Here is the full command line I'm using:
/usr/sbin/snort -A fast -b -d -D -k none -i em3 -u snort -g snort -c /etc/snort/snort.conf -l /var/log/snort -G 3

I was hopeful this would fix the alerting; however, it did not.  I had two
alerts today that the new Snort server did not flag.  Any other suggestions
on what to check out next are much appreciated.


On Wed, Jun 12, 2013 at 9:16 PM, Joel Esler <jesler at ...1935...> wrote:

>   On Jun 12, 2013, at 11:33 AM, Frank Calone <fc10011001 at ...11827...> wrote:
> Snort on the appliance alerted but Snort on the server did not.
> Dear Frank,
> Thanks for your email.  I believe you will find what you are looking for
> here:
> https://github.com/vrtadmin/snort-faq/blob/master/FAQ/Im-not-receiving-alerts-in-Snort.md
> --
> *Joel Esler*
> Senior Research Engineer, VRT
> OpenSource Community Manager
> Sourcefire