Re: No data and alarm log

[James Lay <jlay () slave-tothe-box net>]

On Jun 4, 2013, at 6:51 PM, Xiaoxu Huang <xhuang () graphnet com> wrote:

> James,
>
> Thanks for help.
>
> Please see followings.
>
> Best Regards,
>
> Xiaoxu
>
> snort -A fast -l /var/log/snort -c /etc/snort/snort.conf
> Running in IDS mode
>
>        --== Initializing Snort ==--
>
> ============================================================================
> ===
> Run time for packet processing was 68.6272 seconds
> Snort processed 135 packets.
> Snort ran for 0 days 0 hours 1 minutes 8 seconds
>   Pkts/min:          135
>   Pkts/sec:            1
> ============================================================================
> ===
> Packet I/O Totals:
>   Received:          135
>   Analyzed:          135 (100.000%)
>    Dropped:            0 (  0.000%)
>   Filtered:            0 (  0.000%)
> Outstanding:            0 (  0.000%)
>   Injected:            0


Ok that looks good…it looks like you didn't have any behaviors that cased the IDS to fire off (not a surprise for only 
135 packets ;)).  Let it run for a day and see how it goes :)

James
------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. A cloud service to automate IT design, transition and operations
2. Dashboards that offer high-level views of enterprise services
3. A single system of record for all IT processes
http://p.sf.net/sfu/servicenow-d2d-j
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!