[Snort-users] (no subject)

Al Lewis (allewi) allewi at cisco.com
Mon Feb 5 10:13:49 EST 2018


1) check if snort is running
2) check if snort is receiving traffic
3) create an "any to any" rule. Replay traffic into snort

Take it from there... 

Albert Lewis
ENGINEER.SOFTWARE ENGINEERING
SOURCEfire, Inc. now part of Cisco
Email: allewi at cisco.com 
On 2/5/18, 9:45 AM, "Snort-users on behalf of Dan O'Brien via Snort-users" <snort-users-bounces at lists.snort.org on behalf of snort-users at lists.snort.org> wrote:

    Good morning all,
    
    All of the sudden, I am not getting any alerts.  I haven’t gotten an alert in close to 48  hours. What should I try first ?
    
    Thanks,
    Dan
    
    "Better is a poor man who walks in his integrity than a rich man who is crooked in his ways." - Proverbs 28:
    _______________________________________________
    Snort-users mailing list
    Snort-users at lists.snort.org
    Go to this URL to change user options or unsubscribe:
    https://lists.snort.org/mailman/listinfo/snort-users
    
    Please visit http://blog.snort.org to stay current on all the latest Snort news!
    
    Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
    



More information about the Snort-users mailing list