Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Problems with logging

From: "Victor Usjanov" <victor () decna com>
Date: Fri, 8 Mar 2002 09:12:56 +0100
Hello

I have snort and demarc running here. Everything worked just fine before i
have installed guardian (a script that uses snort logs to update firewall
rules). When i have installed guardian i had to add -s option to snort, to
get snort logs to syslog. But it seems that snort stops to log to mysql
database when i use -s option. I see that snort generates new alerts ( they
apperar in /var/log/messages and in alert and in portscan and alert log
files), but nothing new comes up in demarc.  Here is what i get when i start
demarc:

snort is NOT running
Attempting to start snort
WARNING: command line overrides rules file alert plugin!
Checking if snort is running at PID: 11267
PS output:   PID TTY      STAT   TIME COMMAND
11267 pts/0    S      0:00 /usr/local/bin/snort -o -q -s -c
/usr/local/demarc/conf/snor.conf

Someone has any idea how i can fix it ? ( to log to both mysql and syslog)

--
Victor



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: