Snort mailing list archives
Snort Statistics logging in Daemon Mode now working
From: dogbert () netnevada net
Date: Fri, 6 Aug 2004 13:55:39 -0700
Hi All,

Thanks to user Sekure on this list and a URL reference from 2003:

http://www.pantek.com/library/general/lists/snort.org/snort-devel/msg00522.html

I inserted the following code per the URL:

Change in snort.c

    /* Print Statistics */
    if(!pv.test_mode_flag)
    {
        fpShowEventStats();
        DropStats(0);
    }

to

    /* Print Statistics */
    if(!pv.test_mode_flag)
    {
        fpShowEventStats();
        pv.quiet_flag = 0;
        DropStats(0);
        pv.quiet_flag = 1;
    }

and now I get this in my /var/log/messages :)

    Aug 6 13:53:05 nermal snort: Snort initialization completed successfully
    Aug 6 13:53:30 nermal snort: ===============================================================================
    Aug 6 13:53:30 nermal snort: Snort analyzed 8668 out of 8668 packets,
    Aug 6 13:53:30 nermal snort: dropping 0(0.000%) packets
    Aug 6 13:53:30 nermal snort: Breakdown by protocol: Action Stats:
    Aug 6 13:53:30 nermal snort: TCP: 8535 (98.466%) ALERTS: 0
    Aug 6 13:53:30 nermal snort: UDP: 118 (1.361%) LOGGED: 0
    Aug 6 13:53:30 nermal snort: ICMP: 0 (0.000%) PASSED: 0
    Aug 6 13:53:30 nermal snort: ARP: 0 (0.000%)
    Aug 6 13:53:30 nermal snort: EAPOL: 0 (0.000%)
    Aug 6 13:53:30 nermal snort: IPv6: 0 (0.000%)
    Aug 6 13:53:30 nermal snort: IPX: 0 (0.000%)
    Aug 6 13:53:30 nermal snort: OTHER: 15 (0.173%)
    Aug 6 13:53:33 nermal snort: DISCARD: 0 (0.000%)
    Aug 6 13:53:33 nermal snort: ===============================================================================
    Aug 6 13:53:33 nermal snort: Wireless Stats:
    Aug 6 13:53:33 nermal snort: Breakdown by type:
    Aug 6 13:53:33 nermal snort: Management Packets: 0 (0.000%)
    Aug 6 13:53:33 nermal snort: Control Packets: 0 (0.000%)
    Aug 6 13:53:33 nermal snort: Data Packets: 0 (0.000%)
    Aug 6 13:53:33 nermal snort: ===============================================================================
    Aug 6 13:53:33 nermal snort: Fragmentation Stats:
    Aug 6 13:53:33 nermal snort: Fragmented IP Packets: 0 (0.000%)
    Aug 6 13:53:33 nermal snort: Fragment Trackers: 0
    Aug 6 13:53:33 nermal snort: Rebuilt IP Packets: 0
    Aug 6 13:53:33 nermal snort: Frag elements used: 0
    Aug 6 13:53:33 nermal snort: Discarded(incomplete): 0
    Aug 6 13:53:33 nermal snort: Discarded(timeout): 0
    Aug 6 13:53:33 nermal snort: Frag2 memory faults: 0
    Aug 6 13:53:33 nermal snort: ===============================================================================
    Aug 6 13:53:33 nermal snort: TCP Stream Reassembly Stats:
    Aug 6 13:53:33 nermal snort: TCP Packets Used: 8535 (98.466%)
    Aug 6 13:53:33 nermal snort: Stream Trackers: 165
    Aug 6 13:53:33 nermal snort: Stream flushes: 0
    Aug 6 13:53:33 nermal snort: Segments used: 0
    Aug 6 13:53:33 nermal snort: Stream4 Memory Faults: 0
    Aug 6 13:53:33 nermal snort: ===============================================================================
    Aug 6 13:53:33 nermal snort: Final Flow Statistics
    Aug 6 13:53:33 nermal snort: Snort exiting

Looks like the original poster in the URL was correct, that this change got left out in the merge? (shrug)

Bill
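Once the exit statistics reach syslog in the layout shown in the message above, the drop counter can be checked automatically, since a sensor that drops packets has gaps in its coverage. The following is an added example, not part of the original message or of Snort's code; the second host, the optional `snort[pid]` tag and the 1% threshold are assumptions made for illustration.

```python
import re

# Constructed sample in the syslog layout from the message above. The second
# host and its numbers are invented to show a sensor that lost packets.
SAMPLE = """\
Aug 6 13:53:30 nermal snort: Snort analyzed 8668 out of 8668 packets,
Aug 6 13:53:30 nermal snort: dropping 0(0.000%) packets
Aug 6 13:53:30 nermal snort: TCP: 8535 (98.466%) ALERTS: 0
Aug 6 13:53:30 nermal snort: UDP: 118 (1.361%) LOGGED: 0
Aug 6 13:53:33 nermal snort: Snort exiting
Aug 7 02:10:11 sensor2 snort[411]: Snort analyzed 9000 out of 10000 packets,
Aug 7 02:10:11 sensor2 snort[411]: dropping 1000(10.000%) packets
Aug 7 02:10:12 sensor2 snort[411]: Snort exiting
"""

LINE = re.compile(r"^(\w{3}\s+\d+\s+[\d:]+)\s+(\S+)\s+snort(?:\[\d+\])?:\s*(.*)$")
ANALYZED = re.compile(r"Snort analyzed (\d+) out of (\d+) packets")
DROPPED = re.compile(r"dropping (\d+)\s*\(([\d.]+)%\) packets")
PROTO = re.compile(r"^(TCP|UDP|ICMP|ARP|EAPOL|IPv6|IPX|OTHER|DISCARD):\s*(\d+)")

def parse_exit_stats(text):
    """Return one dict per exit-statistics block, tracked per host."""
    runs, current = [], {}
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue                      # not a snort syslog line
        when, host, msg = m.groups()
        a = ANALYZED.search(msg)
        if a:                             # first line of a new block
            current[host] = {"host": host, "time": when,
                             "analyzed": int(a[1]), "out_of": int(a[2]),
                             "dropped": None, "drop_pct": None, "protocols": {}}
            runs.append(current[host])
        run = current.get(host)
        if run is None:
            continue                      # stats line with no block start seen
        d, p = DROPPED.search(msg), PROTO.match(msg)
        if d:
            run["dropped"], run["drop_pct"] = int(d[1]), float(d[2])
        elif p:
            run["protocols"][p[1]] = int(p[2])
        elif msg.startswith("Snort exiting"):
            del current[host]             # block closed
    return runs

def lossy_runs(runs, max_drop_pct=1.0):
    """Blocks over the threshold, or with no drop line at all (truncated log)."""
    return [(r["host"], r["drop_pct"]) for r in runs
            if r["drop_pct"] is None or r["drop_pct"] > max_drop_pct]

if __name__ == "__main__":
    for host, pct in lossy_runs(parse_exit_stats(SAMPLE)):
        print(f"{host}: drop rate {pct}% at exit")
```

A block that has an "analyzed" line but no "dropping" line is reported with `None`, so a truncated log is not mistaken for a clean run.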