Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Snort 1.9 alert_fast output plugin problem

From: Martin Roesch <roesch () sourcefire com>
Date: Sun, 15 Dec 2002 14:16:31 -0500
On 12/15/02 8:28 AM, "Ueli Kistler" <iuk () gmx ch> wrote:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello

Output plugin alert_fast has some strange behaviour when the sensor has
heavy traffic to log (Nessus scan)

- - Logs are written inside other logs sometimes


Logs or alerts?  Alert_fast is only responsible for writing alerts to the
"alerts" file.


- -> CRLF will be somewhere you wouldn't expect it e.x.


Examples?


I didn't test other output plugins, but i think output database plugin
e.x. is not affected by this problem.

Regards,
  Eclipse
  eclipse () packx net
  www.packx.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE9/IOFad+bo3Jl9EkRAtskAJ9Mf0uqjvexYNHZm2LV+WMJUwJcIwCgidOs
uaooQP0qYBz5lSiPAgUqANA=
=iehx
-----END PGP SIGNATURE-----




-- 
Martin Roesch - Founder/CTO Sourcefire Inc. - (410) 290-1616
Sourcefire: Professional Snort Sensor and Management Console appliances
roesch () sourcefire com - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org




-------------------------------------------------------
This sf.net email is sponsored by:
With Great Power, Comes Great Responsibility 
Learn to use your power at OSDN's High Performance Computing Channel
http://hpc.devchannel.org/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: