Snort mailing list archives
Re: No data and alarm log
From: "Xiaoxu Huang" <xhuang () graphnet com>
Date: Thu, 6 Jun 2013 11:08:29 -0400
James,

You are correct. We did run snort since yesterday to this morning and we get the alarm messages.

Thanks for help and Best regards,
Xiaoxu

-----Original Message-----
From: James Lay [mailto:jlay () slave-tothe-box net]
Sent: Wednesday, June 05, 2013 7:56 AM
To: Snort
Subject: Re: [Snort-users] No data and alarm log

On Jun 4, 2013, at 6:51 PM, Xiaoxu Huang <xhuang () graphnet com> wrote:
James,

Thanks for help. Please see the following.

Best Regards,
Xiaoxu

snort -A fast -l /var/log/snort -c /etc/snort/snort.conf
Running in IDS mode

        --== Initializing Snort ==--
===============================================================================
Run time for packet processing was 68.6272 seconds
Snort processed 135 packets.
Snort ran for 0 days 0 hours 1 minutes 8 seconds
   Pkts/min:          135
   Pkts/sec:            1
===============================================================================
Packet I/O Totals:
   Received:          135
   Analyzed:          135 (100.000%)
    Dropped:            0 (  0.000%)
   Filtered:            0 (  0.000%)
Outstanding:            0 (  0.000%)
   Injected:            0
Ok that looks good. It looks like you didn't have any behaviors that caused the IDS to fire off (not a surprise for only 135 packets ;)). Let it run for a day and see how it goes :)

James

------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. A cloud service to automate IT design, transition and operations
2. Dashboards that offer high-level views of enterprise services
3. A single system of record for all IT processes
http://p.sf.net/sfu/servicenow-d2d-j
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- No data and alarm log Xiaoxu Huang (Jun 04)
- Re: No data and alarm log James Lay (Jun 04)
- Re: No data and alarm log Xiaoxu Huang (Jun 04)
- Re: No data and alarm log James Lay (Jun 05)
- Re: No data and alarm log Xiaoxu Huang (Jun 06)
- Re: No data and alarm log James Lay (Jun 06)
- Re: No data and alarm log Xiaoxu Huang (Jun 04)
- Re: No data and alarm log James Lay (Jun 04)