Portscans aren't logging to postgresql...

[daedalus () ripco com (Daedalus)]

Hi all,

I've got snort set up to log to postgresql and acid to view/manage it,
but for some reason it isn't logging portscans to the db.  I can see
the spp portscan messages in the default alert file and the info is
collected in portscan.log but nothing makes it to the signature table
and acid reports 0% traffic from portscans.  Any idea what's wrong?

Also, I have a question about the -A switch when starting snort.
If I want to log only to the database do I use -A none?  Or, will
that shut off alerts to the db as well?  Right now snort is logging
to both the alert file and the db.

BTW I'm using Snort 1.8.2, PostgreSQL 7.1.3 and acid 0.9.6b17

Thanks for any input,
-Bill
 






?



clear


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users