[Snort-users] troubleshooting dead snort

Robert Millott robm at ...16885...
Tue Dec 16 14:02:40 EST 2014


My snort IDS keeps dying and I don't know why. Anyone got some good
suggestions on where to start looking?
   I am running snort 2.9.6 with barnyard 2.1.10 beta2 on Gentoo 3.12.13.
It starts up just fine and runs like a champ. sometimes it will run fine
for days, but eventually, I come in and run a "ps ax | grep snort"  and its
just gone.   Barnyard is usually still going, but obviously not doing much
without snort. I check the logs and see nothing about it halting. There is
still a pid in /etc/snort/pid, so I don't think it closed down nicely.
  I've looked at the performance data, but it just shows that it was
running, but doesn't give me any indication of why it stopped.

Suggestions would be appreciated.

-- 
Robert Millott
President, Millott and Associates
(443) 255-3588
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20141216/6b299aeb/attachment.html>


More information about the Snort-users mailing list