Snort mailing list archives
Re: Is snort dropping packets
From: "John Creegan" <jcreegan () questarweb com>
Date: Wed, 24 Mar 2004 15:42:07 -0600
the USR1 signal doesn't kill the snort process, it just causes it to dump statistics.
Jeff <jcoppock1 () comcast net> 03/24/04 03:21PM >>>
Hutchinson, Andrew, 2004-Mar-24 10:30 -0600:
Look in /var/log/messages right after you run this, and you should
see
the status dump.
If you're running snort on a UNIX or Linux box, determine the process
ID
of the snort process (ps -ef | grep snort), then send it a USR1
signal
(kill -USR1 pid) where pid is the process ID of the snort instance. Then take a look at the last hundred lines or so from the output of "dmsg".
I'm running snort on a Linux platform logging using syslog-ng. Is there a way to get this status information without actually killing the process? jc -- Jeff Coppock Systems Engineer Diggin' Debian Admin and User ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure,copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Is snort dropping packets Jason Humes (Mar 23)
- <Possible follow-ups>
- Re: Is snort dropping packets John Creegan (Mar 23)
- RE: Is snort dropping packets Jason Humes (Mar 24)
- RE: Is snort dropping packets John Creegan (Mar 24)
- RE: Is snort dropping packets Hutchinson, Andrew (Mar 24)
- RE: Is snort dropping packets Rodrigo B. Ramos (Mar 24)
- Re: Is snort dropping packets Jeff (Mar 24)
- Re: Is snort dropping packets John Creegan (Mar 24)