Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: problems with acid snort mysql

From: roman () danyliw com
Date: Mon, 24 Sep 2001 21:47:13 US/Eastern
Dennis,

Your version of ACID is too old to use with Snort 1.8.  Upgrade 
to at least 0.9.6b10+ (b15 is recommended).

Roman


I Have the following Problem running snort-1.8.1_1 and Acid-0.9.6b1
I always get this error Unknown column 'ip_src0' in 'field list'

-------------------------------------------------------
         URL: '/acid_pkt_main.php' (refered by:
'https://secure.nipsi.de/acid_main.php')
         PARAMETERS:


'&num_result_rows=-1&time%5B0%5D%5B0%5D=+&time%5B0%5D%5B1%5D=+&submit=Query+DB&current_view=-1'


         CLIENT: Mozilla/4.75 [de] (Windows NT 5.0; U)
         SERVER: Apache/1.3.20 (Unix) PHP/4.0.6 mod_ssl/2.8.4
OpenSSL/0.9.6



         submit: 'Query DB'
         num_result_rows: '-1'  current_view: '-1'
         layer4: ''


 time_cnt
         ip_addr_cnt
                    ip_field_cnt
                              ip_opt_cnt
                                       tcp_port_cnt
                                                    tcp_field_cnt

tcp_opt_cnt

udp_port_cnt

udp_field_cnt

icmp_field_cnt

data_cnt

save_sql =
save_criteria =
caller =
action=
ag_add_key=


IP first 0 0 0 0
IP masking 0 0 0 0 = 0 =
IP back 0: 0 0 0 0

SQL: SELECT event.sid, event.cid, signature, timestamp, ip_src0,
ip_src1, ip_src2, ip_src3, ip_dst0, ip_dst1, ip_dst2, ip_dst3, ip_proto
FROM event
LEFT JOIN iphdr ON event.sid=iphdr.sid AND event.cid=iphdr.cid WHERE
event.cid > 0Query execution error: Unknown column 'ip_src0' in 'field
list'
----------------------------------------------------------------------
regards Dennis


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users






---------------------------------------------
This message was sent using Voicenet WebMail.
      http://www.voicenet.com/webmail/



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: