Snort mailing list archives
Cannot archive alerts (ACID)
From: Jeff Workman <jworkman () pimpworks org>
Date: Sun, 14 Mar 2004 15:36:04 -0500
ACID Version: 0.9.6b23 Schema version: 106 PostgreSQL version: 7.4I cannot get ACID to archive my alerts. I created both the snort and the archive database at the same time, with the same permissions for the snort user, but I get the following SQL error when I try to archive:
Archive error:Database ERROR:ERROR: insert or update on table "iphdr" violates foreign key constraint "iphdr_fkey_sid_cid" DETAIL: Key (sid,cid)=(2,276) is not present in table "event". INSERT INTO iphdr (sid,cid, ip_src, ip_dst, ip_ver,ip_hlen,ip_tos,ip_len,ip_id,ip_flags, ip_off,ip_ttl,ip_proto,ip_csum) VALUES (2, 276, '3396030466', '202676840','4','5','0','404','27500','0','0','112','17','7427')
INSERT INTO iphdr (sid,cid, ip_src, ip_dst, ip_ver,ip_hlen,ip_tos,ip_len,ip_id,ip_flags, ip_off,ip_ttl,ip_proto,ip_csum) VALUES (2, 276, '3396030466', '202676840','4','5','0','404','27500','0','0','112','17','7427')
Ignored 1 duplicate alert(s) No alerts were selected or the ARCHIVE-copy was not successful -Jeff -- Jeff Workman | jworkman () pimpworks org | http://www.pimpworks.org ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Cannot archive alerts (ACID) Jeff Workman (Mar 16)
- Re: Cannot archive alerts (ACID) AJ Butcher, Information Systems and Computing (Mar 16)
- Re: Cannot archive alerts (ACID) Jeff Workman (Mar 19)
- Re: Cannot archive alerts (ACID) AJ Butcher, Information Systems and Computing (Mar 17)
- Re: Cannot archive alerts (ACID) Jeff Workman (Mar 19)
- Re: Cannot archive alerts (ACID) AJ Butcher, Information Systems and Computing (Mar 16)