Snort mailing list archives

Re: Dynamic Rule [X:XXXXX] was not initialized properly.


From: Jeff Meigs <jmeigs () sunwestecu com>
Date: Fri, 13 Jun 2014 15:18:38 +0000



From: Jeff Meigs
Sent: Friday, June 13, 2014 9:10 AM
To: 'Joel Esler (jesler)'
Subject: RE: [Snort-users] Dynamic Rule [X:XXXXX] was not initialized properly.

All Paths were Correct. The rules at the bottom located in SO_RULES_PATH were already uncommented. I can't figure this 
out. Thing is, it's only occurring on 2 out of 3 of our IDS units. All units have the same files. I went through them 
line by line. How we pull the rules, the paths, everything. All the same.

Here is some more info though. The Error only occurs at a specific time. Presumably the time the rules are downloaded. 
It will throw the error like 50+ times for 3 specific rules (3:29908, 3:16533, 3:8351). I've even tried suppressing 
these rules to no avail. These errors are all created at the same point in time. This just started happening about a 
week ago. We have made no adjustments to any file.

Jeffrey Meigs
IT Operator/Junior Programmer
SunWest ECU

From: Joel Esler (jesler) [mailto:jesler () cisco com]
Sent: Tuesday, June 10, 2014 4:58 PM
To: Jeff Meigs; snort-users mailinglist
Subject: Re: [Snort-users] Dynamic Rule [X:XXXXX] was not initialized properly.

On Jun 10, 2014, at 1:52 PM, Jeff Meigs <jmeigs () sunwestecu com> wrote:

We are

https://github.com/vrtadmin/snort-faq/blob/master/Lists/What-is-the-mailing-list-nettiquete.md
#4

Sounds like you aren't loading them with your snort.conf correctly.  Either check the dynamicplugin directives to make 
sure it's referencing the correct directory, or uncomment the rules at the bottom of the snort.conf that are located in 
your SO_RULES_PATH.

Also make sure your SO_RULES_PATH is the correct directory.

--
Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Vulnerability Research Team
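
Added example, not part of the original thread and not Snort project code: a Python check of the two things the reply above points at, namely whether the dynamic-rule library paths in snort.conf exist and whether each shared-object rule include is uncommented and resolves to a stub file. Assumptions: the stock snort.conf spelling `SO_RULE_PATH` (the thread's `SO_RULES_PATH` is also accepted), libraries loaded via `dynamicdetection` lines, relative paths resolved against the config file's directory; the sample layout and file names are constructed.

```python
import os
import re
import tempfile

VAR = re.compile(r"^var\s+(\S+)\s+(\S+)")
DYNAMIC = re.compile(r"^dynamicdetection\s+(?:directory|file)\s+(\S+)")
SO_INCLUDE = re.compile(r"^(#\s*)?include\s+\$(SO_RULES?_PATH)/(\S+)")

def audit_so_rules(conf_path):
    """Summarise how one snort.conf loads shared-object (GID 3) rules."""
    conf_dir = os.path.dirname(os.path.abspath(conf_path))
    # Assumption: relative paths are taken relative to the config file's directory.
    resolve = lambda p: os.path.normpath(os.path.join(conf_dir, p))
    variables = {}
    report = {"bad_dynamic_paths": [], "commented": [], "missing_stubs": [], "loaded": []}
    with open(conf_path) as fh:
        for line in map(str.strip, fh):
            if m := VAR.match(line):
                variables[m.group(1)] = m.group(2)
            elif m := DYNAMIC.match(line):
                if not os.path.exists(resolve(m.group(1))):
                    report["bad_dynamic_paths"].append(m.group(1))
            elif m := SO_INCLUDE.match(line):
                commented, var, name = m.groups()
                if commented:
                    report["commented"].append(name)
                elif os.path.isfile(resolve(os.path.join(variables.get(var, ""), name))):
                    report["loaded"].append(name)
                else:
                    report["missing_stubs"].append(name)
    return report

def build_sample(root):
    """Constructed layout: one stub present, one absent, one commented out."""
    lib = os.path.join(root, "lib", "snort_dynamicrules")
    for d in (lib, os.path.join(root, "etc"), os.path.join(root, "so_rules")):
        os.makedirs(d)
    open(os.path.join(root, "so_rules", "web-misc.rules"), "w").close()
    conf = os.path.join(root, "etc", "snort.conf")
    with open(conf, "w") as fh:
        fh.write("var SO_RULE_PATH ../so_rules\n"
                 f"dynamicdetection directory {lib}\n"
                 "dynamicdetection directory /nonexistent/constructed\n"
                 "include $SO_RULE_PATH/web-misc.rules\n"
                 "include $SO_RULE_PATH/netbios.rules\n"
                 "# include $SO_RULE_PATH/exploit.rules\n")
    return conf

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        print(audit_so_rules(build_sample(root)))
```

Running `audit_so_rules` against the real snort.conf on each sensor and comparing the returned dictionaries shows whether a sensor that logs the error differs from one that does not.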