Snort mailing list archives

Re: Snort 2.8.1 - TimeStats()

From: Wes Young <wcyoung () buffalo edu>
Date: Tue, 17 Jun 2008 07:36:19 -0400

Thanks Todd,

That was my next step (moving to 2.8.2). I started modifying codemyself but wanted to double check before I went too much down that rathole... =)


Thanks again...

On Jun 17, 2008, at 6:29 AM, Todd Wease wrote:

Wes,

Thanks for bringing this to our attention.  I just tested this on
snort-2.8.1 and snort-2.8.2, and in daemon mode, as you note, it does
not seem to work in snort-2.8.1.  It does seem to work in snort-2.8.2.
I'm not able to track down exactly why yet (just putting a random
printf() call seemed to get it going), but 2.8.2 has some significant

performance improvements, so maybe upgrade to 2.8.2 to takeadvantage of

that as well.

Thanks,
Todd

Wes Young wrote:

This might be a dumb question, but does anyone have snort-2.8.1working

successfully with --enable-timestats ?

I've got a red-hat box running and it dumps the initial startup and

exiting output to syslog, but once it's going, doesn't dump thehourly

statistical dump.

i've got snort running with the flags:

-g snort -u snort -D -M -y

but no luck. Tried searching through the code and google a bit w/omuch

luck... Just wanna verify that someone has it working, or i'm not
missing some stupid option before I dig too much further...
--
Wes Young
Network Security Analyst
CIT - University at Buffalo
http://claimid.com/saxjazman9








------------------------------------------------------------------------

-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php


------------------------------------------------------------------------

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


--
Wes Young
Network Security Analyst
CIT - University at Buffalo
http://claimid.com/saxjazman9

Attachment: smime.p7s
Description:

-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Snort 2.8.1 - TimeStats() Wes Young (Jun 16)
- Re: Snort 2.8.1 - TimeStats() JJ Cummings (Jun 16)
- Re: Snort 2.8.1 - TimeStats() Todd Wease (Jun 17)
  - Re: Snort 2.8.1 - TimeStats() Wes Young (Jun 17)