Snort mailing list archives
snort 8.2 with snort2html
From: "Rick Updegrove" <rickupdegrove () hotmail com>
Date: Wed, 5 Dec 2001 10:29:05 -0800
Hello, I have been successfully using snort 1.7 for a while with snort2html 1.6 I do not have access to my previous configurations at this time but to the best of my recollection, I am doing what I normally do. My main problem that I can see is that snort is not logging to "/var/log/secure" like it needs to do in order to use snort2html. According to man snort the -s option should do this. So I use the following to start snort: /usr/local/bin/snort -s -Afull -c /usr/local/share/examples/snort/snort.conf Yet nothing gets logged to "/var/log/secure" thus snort2html doesn't create anything other than a "empty" page. I do see the alerts on the screen however, for example: Dec 5 10:23:47 cerberus snort[15378]: [1:382:4] ICMP PING Windows [Classification: Misc activity] [Priority: 3]: {ICMP} 64.166.46.11 -> 64.166.46.10 Dec 5 10:23:47 cerberus snort[15378]: [1:382:4] ICMP PING Windows [Classification: Misc activity] [Priority: 3]: {ICMP} 64.166.46.11 -> 64.166.46.10 Dec 5 10:23:47 cerberus snort[15378]: [1:382:4] ICMP PING Windows [Classification: Misc activity] [Priority: 3]: {ICMP} 64.166.46.11 -> 64.166.46.10 Dec 5 10:23:47 cerberus snort[15378]: [1:408:4] ICMP Echo Reply [Classification: Misc activity] [Priority: 3]: {ICMP} 64.166.46.10 -> 64.166.46.11 Dec 5 10:23:47 cerberus snort[15378]: [1:408:4] ICMP Echo Reply [Classification: Misc activity] [Priority: 3]: {ICMP} 64.166.46.10 -> 64.166.46.11 Dec 5 10:23:47 cerberus snort[15378]: [1:408:4] ICMP Echo Reply [Classification: Misc activity] [Priority: 3]: {ICMP} 64.166.46.10 -> 64.166.46.11 etc. What am I overlooking? Thanks, Rick Up _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort 8.2 with snort2html Rick Updegrove (Dec 05)
- Re: snort 8.2 with snort2html Rick Updegrove (Dec 05)