Snort mailing list archives

Snort alert file is empty


From: Sabawoon Mageedzada <sabawoon.majeedzada () gmail com>
Date: Wed, 11 Jun 2014 17:58:45 -0400

Hello everyone,

I would appreciate it if you guys could help me with this issue. I am a newbie here.

I have snort 2.9.3 running on a Linux box.
I have the snort in the /etc/snort/ directory.

I uncommented the following in the /snort.conf file:

include $RUTH_PATH.(something like that..sorry) /icmp.rules

I also uncommented:
output unified : snort.log, ....
output unified2: ......

When I run this command
sudo snort -c /etc/snort/snortf.conf -l /var/log/snort

I get a lot of commands running then "commencing packets now"...and I want
to ping www.google.com..at the same time the files are created but they are
empty.

Please help me out with this issue. Thanks in advance.
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org

