Snort mailing list archives
Re: Acid: Unable to archive
From: roman () danyliw com
Date: Mon, 15 Oct 2001 10:33:03 US/Eastern
Paul,

What exactly is the error you are experiencing? The posted log below is debugging output created because $debug_mode has been configured to 1 or greater. Set $debug_mode back to 0 and this debugging information will not be produced.

Roman

On Tue, 9 Oct 2001, Paul Asadoorian wrote:
I get the following error when trying to archive using the latest version of acid:

=== ARCHIVE-move Alerts ========
num_alert = 4145
action_sql = SELECT acid_event.sid, acid_event.cid FROM acid_event WHERE acid_event.sid > 0 AND acid_event.sid=2 AND sig_name LIKE '%cmd.exe%' AND ( (( ip_src=2157199167 ) OR (ip_dst=2157199167 )) )
action_op = ALL on Screen
action_arg =
action_param =
context = 1
limit_start = -1
limit_offset = -1
using_blobs =
Gathering elements from 50 alert blobs
2 - 18063
Checking for DB abstraction lib in '/opt/local/adodb/adodb.inc.php'
Checking for DB abstraction lib in '/opt/local/adodb/adodb.inc.php'
2 - 18069
Checking for DB abstraction lib in '/opt/local/adodb/adodb.inc.php'
Checking for DB abstraction lib in '/opt/local/adodb/adodb.inc.php'
2 - 18071
Checking for DB abstraction lib in '/opt/local/adodb/adodb.inc.php'
Checking for DB abstraction lib in '/opt/local/adodb/adodb.inc.php'

Has anyone else seen this?

Thanks,
Paul Asadoorian