Snort mailing list archives
Re: Trouble to log trace into database
From: "Senthil Prabu.S" <prabu333 () hotpop com>
Date: Sat, 20 Nov 2004 12:59:34 +0530
Hi,I have a trace file with some packets I am trying to analyze. I am trying toload the trace into a mysql database but nothing gets logged. My rules file looks like this: # RULES log tcp any any -> any any log udp any any -> any anyAnd if I just run snort without loading from file, this rules logs every tcpand udp header just fine into the database. Now when I run: C:\Snort\bin>snort -r c:\trace.eth -c c:\Snort\etc\snort-mod.conf \ -l c:\Snort\log I do not get any error but nothing gets logged to the database. See below Can anyone give me a hint of what am I doing wrong?
Hi, I have tested just now the same rules set to a tcpdump captured file.It logged all my alerts and logs. Are you able to read tcpdump file through other tools? Then,Checkout your snort database setting. -- Senthil prabu.S If you are smart enough to know that you're not smart enough to be an Engineer, then you're in Business._________________________________________________________________
------------------------------------------------------- This SF.Net email is sponsored by: InterSystems CACHE FREE OODBMS DOWNLOAD - A multidimensional database that combines robust object and relational technologies, making it a perfect match for Java, C++,COM, XML, ODBC and JDBC. www.intersystems.com/match8 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Trouble to log trace into database Juan (Nov 05)
- <Possible follow-ups>
- Trouble to log trace into database Juan (Nov 19)
- Re: Trouble to log trace into database Senthil Prabu.S (Nov 19)
- RE: Trouble to log trace into database Jeff Dell (Nov 20)