Snort mailing list archives
Problems with logging
From: "Victor Usjanov" <victor () decna com>
Date: Fri, 8 Mar 2002 09:12:56 +0100
Hello I have snort and demarc running here. Everything worked just fine before i have installed guardian (a script that uses snort logs to update firewall rules). When i have installed guardian i had to add -s option to snort, to get snort logs to syslog. But it seems that snort stops to log to mysql database when i use -s option. I see that snort generates new alerts ( they apperar in /var/log/messages and in alert and in portscan and alert log files), but nothing new comes up in demarc. Here is what i get when i start demarc: snort is NOT running Attempting to start snort WARNING: command line overrides rules file alert plugin! Checking if snort is running at PID: 11267 PS output: PID TTY STAT TIME COMMAND 11267 pts/0 S 0:00 /usr/local/bin/snort -o -q -s -c /usr/local/demarc/conf/snor.conf Someone has any idea how i can fix it ? ( to log to both mysql and syslog) -- Victor _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Problems with logging Victor Usjanov (Mar 08)