Snort mailing list archives
Re: Acid graphs broken?
From: <bthaler () webstream net>
Date: Wed, 24 Oct 2001 16:39:53 -0400
Actually I deleted the AG and data so it is gone. But I have created a new one just to test this. Now we're trying to graph for today 24 OCT 2001.

I am not able to produce any graphs in Acid (the gd test graphs are fine, so I know my gd works).

I can confirm that the AG contains 355 alerts for 24 OCT 2001.

Here is the output of debug (it's quite long):

<--- BEGIN DEBUG OUTPUT --->
Chart criteria
Array
(
    [0] => LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid)
    [1] => ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') )
)
chart_type = 1
data_source = 2
year_start year_end month_start month_end day_start day_end hour_start hour_end
2001 2001 10 10 24 24 0 23
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 0
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 1
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 2
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 3
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 4
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 5
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 6
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 7
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 8
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 9
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 10
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 11
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 12
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 13
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 14
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 15
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 16
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 17
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 18
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 19
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 20
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 21
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 22
SELECT count(*) FROM acid_event LEFT JOIN acid_ag_alert ON (acid_event.sid=acid_ag_alert.ag_sid AND acid_event.cid=acid_ag_alert.ag_cid) WHERE ag_id = 2 AND ( UNIX_TIMESTAMP(timestamp) >= UNIX_TIMESTAMP('2001-10-24 000000') AND UNIX_TIMESTAMP(timestamp) <= UNIX_TIMESTAMP('2001-10-24 230000') ) AND YEAR(timestamp) = 2001 AND MONTH(timestamp) = 10 AND DAYOFMONTH(timestamp) = 24 AND HOUR(timestamp) = 23
chart_type = 1
data_source = 2
Handling Period if necessary ...
Dumping data ... (writing only every 1)
0 -- 0 - 0
1 -- 1 - 0
2 -- 2 - 0
3 -- 3 - 0
4 -- 4 - 0
5 -- 5 - 0
6 -- 6 - 0
7 -- 7 - 0
8 -- 8 - 0
9 -- 9 - 0
10 -- 10 - 0
11 -- 11 - 0
12 -- 12 - 0
13 -- 13 - 0
14 -- 14 - 0
15 -- 15 - 0
16 -- 16 - 355
17 -- 17 - 0
18 -- 18 - 0
19 -- 19 - 0
20 -- 20 - 0
21 -- 21 - 0
22 -- 22 - 0
23 -- 23 - 0
<--- END DEBUG OUTPUT --->

Thanks for your help,
Brad T.

----- Original Message -----
From: <roman () danyliw com>
To: <bthaler () webstream net>
Cc: <snort-users () lists sourceforge net>
Sent: Wednesday, October 24, 2001 12:29 PM
Subject: Re: [Snort-users] Acid graphs broken?
- Are you able to produce any graphs?
- Can you confirm that there exists data for the 10/23/2001 in this alert group?
- If so, enable $debug_mode=1 in acid_conf.php and send me the output.

Roman

On Tue, 23 Oct 2001 bthaler () webstream net wrote:

I didn't see this in the Acid FAQ, so forgive me if it's been covered before.

I'm using Snort-1.8 MySQL on WinNT4 SP6. ACID v0.9.6b16 with PHP 4.0.6

I have added some alerts to a newly created AG and I'm trying to graph the contents of the AG.

I go to the acid_graph_main.php page and use the following params:

Chart Type: Time (hour) vs. Number of Alerts
Chart Period: 24 (whole day)
Graph Type: Line (I tried all)
Chart Begin: 0 23 OCT 2001
Chart End: 23 23 OCT 2001
Data Source: (My AG)

This is the output I get:

No array of data in $data_values

Please Help,
Brad T

---------------------------------------------
This message was sent using Voicenet WebMail.
http://www.voicenet.com/webmail/