Snort mailing list archives
No trace for corresponding alerts
From: "Sheahan, Paul (PCLN-NW)" <Paul.Sheahan () priceline com>
Date: Thu, 4 Oct 2001 12:16:53 -0400
Hello,

I'm using Snort 1.8.1 B78 on Red Hat Linux 7.0. I use the latest version of snort_stat.pl to generate reports for me every night at midnight. I then have the report emailed to me automatically. For every alert, there has ALWAYS been a corresponding trace in my trace file. This allows me to look up details on alerts when needed.

Ever since upgrading to Build 78 and the latest snort_stat (both upgraded around the same time), maybe 10% of the time, I find no corresponding trace for a given alert. Not sure if this is a bug in Build 78 or the latest snort_stat, but there is a DEFINITE problem. This worked flawlessly in the past.

Has anyone else experienced this?

Thanks,

Paul Sheahan
Manager of Information Security
Priceline.com
paul.sheahan () priceline com