Snort mailing list archives

Re: Portscans aren't logging to postgresql...

From: Erek Adams <erek () theadamsfamily net>
Date: Tue, 27 Nov 2001 13:16:04 -0800 (PST)

On Tue, 27 Nov 2001, Daedalus wrote:

I've got snort set up to log to postgresql and acid to view/manage it,
but for some reason it isn't logging portscans to the db.  I can see
the spp portscan messages in the default alert file and the info is
collected in portscan.log but nothing makes it to the signature table
and acid reports 0% traffic from portscans.  Any idea what's wrong?

Also, I have a question about the -A switch when starting snort.
If I want to log only to the database do I use -A none?  Or, will
that shut off alerts to the db as well?  Right now snort is logging
to both the alert file and the db.

BTW I'm using Snort 1.8.2, PostgreSQL 7.1.3 and acid 0.9.6b17


Sure.

http://acidlab.sourceforge.net/acid_faq.html#faq_b7

:)

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Portscans aren't logging to postgresql... Daedalus (Nov 27)
- Re: Portscans aren't logging to postgresql... Erek Adams (Nov 27)