Snort mailing list archives

RE: Acid and Sensor ID's

From: "Hall, Duane" <Duane.Hall () hastings-ent com>
Date: Mon, 29 Jul 2002 13:13:44 -0500

This is an update on what I did to fix my particular problem.  It may seem stupid, but what I did was to place the FQDN 
in the hosts file and the short host name.  

I have 3 different sensors logging to a separate mysql machine with ACID.  After I placed the FQDN in the hosts file it 
worked fine.  I guess when I rebooted the mysql server and that particular sensor it failed to pick up its hostname 
correctly.  Maybe this will help someone else in the future.

Duane


Duane Hall
Security Administrator
Hastings Entertainment
Duane.Hall () hastings-ent com

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GIT d+ s:- a- C+ UL++ P+ L++ E--- W++ N++ o K- w--- 
O- M-- V-- PS PE Y PGP t++ 5 X R- tv+ b+ DI++ D+ 
G e+ h---- r+++ y++++ 
------END GEEK CODE BLOCK------

                -----Original Message-----
                From:   Hall, Duane [mailto:Duane.Hall () hastings-ent com]
                Sent:   Monday, July 29, 2002 10:47 AM
                To:     Snort Userslist
                Subject:        [Snort-users] Acid and Sensor ID's

                I had to reboot a sensor over the weekend and now the sensor number in ACID has changed.  Now the 
alerts are not logging correctly.  Any ideas?

                Duane

                Duane Hall
                Security Administrator
                Hastings Entertainment
                Duane.Hall () hastings-ent com

                -----BEGIN GEEK CODE BLOCK-----
                Version: 3.12
                GIT d+ s:- a- C+ UL++ P+ L++ E--- W++ N++ o K- w--- 
                O- M-- V-- PS PE Y PGP t++ 5 X R- tv+ b+ DI++ D+ 
                G e+ h---- r+++ y++++ 
                ------END GEEK CODE BLOCK------


                -------------------------------------------------------
                This sf.net email is sponsored by: Dice - The leading online job board
                for high-tech professionals. Search and apply for tech jobs today!
                http://seeker.dice.com/seeker.epl?rel_code1
                _______________________________________________
                Snort-users mailing list
                Snort-users () lists sourceforge net
                Go to this URL to change user options or unsubscribe:
                https://lists.sourceforge.net/lists/listinfo/snort-users
                Snort-users list archive:
                http://www.geocrawler.com/redir-sf.php3?list=ort-users


-------------------------------------------------------
This sf.net email is sponsored by: Dice - The leading online job board
for high-tech professionals. Search and apply for tech jobs today!
http://seeker.dice.com/seeker.epl?rel_code1
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Acid and Sensor ID's Hall, Duane (Jul 29)
- Re: Acid and Sensor ID's Ian Macdonald (Jul 29)
- RE: Acid and Sensor ID's Gene Gomez (Jul 29)
- <Possible follow-ups>
- RE: Acid and Sensor ID's Hall, Duane (Jul 29)