Thu Nov 23 16:36:19 EST 2017

Jan 17 12:47:06 netmonitor01 snort: database: postgresql_error: ERROR:
ExecAppend: Fail to add null value in not null attribute last_cid
Jan 17 12:47:06 netmonitor01 snort: database: Problem obtaining SENSOR ID
(sid) from snort->sensor
Jan 17 12:47:06 netmonitor01 snort: FATAL ERROR:   When this plugin
starts, a SELECT query is run to find the sensor id for the  currently
running sensor. If the sensor id is not found, the plugin will run  an
INSERT query to insert the proper data and generate a new sensor id. Then
a  SELECT query is run to get the newly allocated sensor id. If that fails
then  this error message is generated.   Some possible causes for this
error are:   * the user does not have proper INSERT or SELECT privileges
* the sensor table does not exist   If you are _absolutely_ certain that
you have the proper privileges set and  that your database structure is
built properly please let me know if you  continue to get this error. You
can contact me at (roman at ...438...).

Database privileges are not the issue:

snort=# insert into sensor (hostname,last_cid) values('dummyhost',9999);
INSERT 1549192 1
snort=# select * from sensor;
 sid | hostname  | interface | filter | detail | encoding | last_cid
  10 | dummyhost |           |        |        |          |     9999
(1 row)

The only solution given in the archives was to go the the latest CVS.

2.	snort-stable.tar.gz source, wont compile.  It hangs on sprintf.c:

gcc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../src -I/usr/include/pcap
-I../src/output-plugins -I../src/detection-plugins -I../src/preprocessors
-DENABLE_POSTGRESQL  -g -O2 -Wall -c `test -f 'snprintf.c' || echo
snprintf.c: In function `sm_dopr':
snprintf.c:153: conflicting types for `sys_errlist'
/usr/include/stdio.h:554: previous declaration of `sys_errlist'
make[3]: *** [snprintf.o] Error 1
make[3]: Leaving directory `/opt/snort-stable/src'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/opt/snort-stable/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/opt/snort-stable'
make: *** [all] Error 2

Any pointers on getting either the stock 1.9 or the CVS snort-stable to
compile and run correctly greatly appreciated.

Demetri Mouratis
dmourati at ...3878...

