Snort mailing list archives
RE: Acid Database Logs
From: Kenny D <bitored2002 () yahoo com au>
Date: Fri, 1 Mar 2002 05:06:14 +1100 (EST)
Thanks. So with alert I will never have anything in my log file?

--- "McGuire, Barrett" <BCMcGuire () esunola uscg mil> wrote:
> Ran into same thing. When output database command is "alert", nothing will
> show up in log file. When output database command is "log" you will see the
> alert in the log and in Acid. This is by design. If you do not use the
> output database "alert", your portscans will not show up in Acid. I use the
> output database "alert", so that my portscans will show up in Acid.
>
> bcmcg
>
> -----Original Message-----
> From: Kenny D [mailto:bitored2002 () yahoo com au]
> Sent: Thursday, February 28, 2002 10:24 AM
> To: snort users
> Subject: [Snort-users] Acid Database Logs
>
> Hi,
>
> I have set up snort logging to Acid and have noticed something strange.
> When I view the page localhost\Acid\index.html I notice from time to time
> alerts being logged. However these alerts do not raise a snort alarm (I use
> idscenter to send myself an email), and nothing is logged in my alert.log
> file. I use the output database command with the alert option, not log.
>
> Why does this happen? Shouldn't I get an alert on snort?
>
> Hope someone can help.
>
> Rgds.

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users