Snort mailing list archives
Re: invalid event id, eventlog, win32
From: "Chris Reid" <Chris.Reid () codecraftconsultants com>
Date: Mon, 09 Feb 2004 08:43:52 -0700
This is a known issue which has already been corrected in the snort 2.1.1 source code. Try downloading one of the versions of snort from our website (www.codecraftconsultants.com) and see if that fixes the problem. Chris Reid -----Original Message----- From: Daniel Guido <infiniteedge () speakeasy net> To: snort-users () lists sourceforge net Date: Sat, 07 Feb 2004 02:28:00 -0500 Subject: [Snort-users] invalid event id, eventlog, win32
snort under these conditions: windows xp snort 2.1.0 'snort /SERVICE /INSTALL -de -X -b -l C:\snort\log -c C:\snort\etc\snort.conf' 'output alert_syslog: LOG_AUTH LOG_ALERT' gives me this output in the eventlog: The description for Event ID ( 1 ) in Source ( snort ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: [1:1852:3] WEB-MISC robots.txt access [Classification: access to a potentially vulnerable web application] [Priority: 2]: {TCP} x.x.x.x:57793 -> x.x.x.x:80. i searched google for some answers but only found a few of the same questions. I had 2.0.4 running fine before this. Does anyone know what this means? Dan Guido ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- invalid event id, eventlog, win32 Daniel Guido (Feb 09)
- Re: invalid event id, eventlog, win32 Chris Reid (Feb 09)
- RE: invalid event id, eventlog, win32 Michael Steele (Feb 09)