Snort mailing list archives
RE: ACID displaying 0 Sensors
From: "Brian Gregorcy" <bgregor () dcti com>
Date: Tue, 20 May 2003 06:00:59 -0600
That is normal until you get an alert, Are you on the same network as the sensor. If so you may need to add an alert in order to get ACID to display a message. You need to etc/rules/local.rules file and add this line: alert ip !$HOME_NET any -> $HOME_NET any (msg:"LOCAL ACIDTEST";) This should generate tons of alerts in acid, good luck b -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net]On Behalf Of Kuriscak, Ronald Sent: Monday, May 19, 2003 3:20 PM To: snort-users () lists sourceforge net Subject: [Snort-users] ACID displaying 0 Sensors My apologizes if my question is amateurish, but I am having difficulty in configuring my ACID console to display alerts. ACID seems to be working (MYSQL database & snort appear to also be working) but I have a big " 0 sensors" displaying through the console? Any assistance is greatly appreciated. Thanks. Ron ------------------------------------------------------- This SF.net email is sponsored by: ObjectStore. If flattening out C++ or Java code to make your application fit in a relational database is painful, don't do it! Check out ObjectStore. Now part of Progress Software. http://www.objectstore.net/sourceforge _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This SF.net email is sponsored by: ObjectStore. If flattening out C++ or Java code to make your application fit in a relational database is painful, don't do it! Check out ObjectStore. Now part of Progress Software. http://www.objectstore.net/sourceforge _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- ACID displaying 0 Sensors Kuriscak, Ronald (May 19)
- RE: ACID displaying 0 Sensors Brian Gregorcy (May 20)