Snort mailing list archives
Re: snort not capturing
From: Martin Holste <mcholste () gmail com>
Date: Wed, 14 Sep 2011 16:01:49 -0500
It's probably a permissions issue with /var/log/snort. Try the exact same command without -D, and you should get some indication. You may also wish to run strace snort ... which should show you if it fails to open files. On Wed, Sep 14, 2011 at 2:06 PM, Mario Remy Almeida <mario.almeida () gmail com> wrote:
Dear All, I install snort 2.8.6.1 but when I start its not capturing anything. snort.log and alert files under /var/log/snort are created but both files are empty neither it logs to mysql. Snort is started with the below command /usr/sbin/snort -A fast -b -d -D -I -i eth0 -u snort -g snort -c /etc/snort/snort.conf -l /var/log/snort If i start snort with "-v -i eth0 -u snort -g snort -c /etc/snort/snort.conf " parameters then I can see the tcpdump output on the terminal. can anyone help me? Rgds, Mario ------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA Learn about the latest advances in developing for the BlackBerry® mobile platform with sessions, labs & more. See new tools and technologies. Register for BlackBerry® DevCon today! http://p.sf.net/sfu/rim-devcon-copy1 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA Learn about the latest advances in developing for the BlackBerry® mobile platform with sessions, labs & more. See new tools and technologies. Register for BlackBerry® DevCon today! http://p.sf.net/sfu/rim-devcon-copy1 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- snort not capturing Mario Remy Almeida (Sep 14)
- Re: snort not capturing Martin Holste (Sep 14)
- Re: snort not capturing Mario Remy Almeida (Sep 14)
- Re: snort not capturing Martin Holste (Sep 14)
- Re: snort not capturing Mario Remy Almeida (Sep 14)
- Re: snort not capturing Martin Holste (Sep 15)
- Re: snort not capturing Mario Remy Almeida (Sep 15)
- Re: snort not capturing Jason Wallace (Sep 15)
- Re: snort not capturing Mario Remy Almeida (Sep 15)
- Re: snort not capturing waldo kitty (Sep 15)
- Re: snort not capturing Mario Remy Almeida (Sep 14)
- Re: snort not capturing Martin Holste (Sep 14)