Snort mailing list archives
Re: Empty output (unified) files
From: Joel Esler <jesler () sourcefire com>
Date: Thu, 22 Mar 2012 09:19:42 -0400
Please post your Snort command line and contents of the snort.conf.

--
Joel Esler

On Mar 22, 2012, at 8:49 AM, Alojzy Kleks <testing4tester () ymail com> wrote:

Hi all,

I've installed snort on Ubuntu using the official documentation on the Snort website (except installing the reporting tool, as I'm using snorby). When the installation was completed, I wanted to test it. To my big surprise, snort is creating unified output files, but they're empty. I was testing using nmap with intense scanning (including both TCP and UDP) as well as LOIC, but all the files have a size of zero. When I redirect output to -A console, I can clearly see the packets; also, when I cancel the snort process, in the summary I can clearly find statistics, but still nothing can be found in the files.

Any tips and tricks will be highly appreciated.
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Please visit http://blog.snort.org to stay current on all the latest Snort news!