Snort mailing list archives

Re: Acid problem

From: payothlh <payothlh () club-internet fr>
Date: Thu, 05 Jun 2003 21:36:40 +0200

Chris wrote:

From: "Chris" <vze2f6h6 () verizon net>
To: <snort-users () lists sourceforge net>
X-Original-Date: Thu, 5 Jun 2003 09:04:04 -0400
Date: Thu, 5 Jun 2003 09:04:04 -0400

I have snort+MySQL+ACID installed and partially working.  Snort is

logging

everything into the database.  The problem is with viewing the alerts.
Yesterday I was able to click on say Unique Alerts and it would show me

the

Alerts.  Now if I click on Unique Alerts: 12, nothing happens.  It knows
about the alerts but it just isn't showing them.  This happens with
everything.  Am I missing something here?

Thanks,

-----Original Message-----
From: guillaume rix - Sun Microsystems - Velizy France

Hi Chris,

Perhaps just make a Shift-Reload on your browser.
If you make a "mysql -u root -p" dirrectly ans query your snort database,
what
are the results ?
Are there any changes before and after the problem ?
It's not very clear your problem, can you give us more details.

Guillaume


I will try to explain it better.
Snort is logging alerts correctly into the database.  The alerts are there
and I can see them.  Acid also can see them.  For example:

Sensors: 1
Unique Alerts: 13  ( 7 categories )
Total Number of Alerts 4822

Source IP addresses: 63
Dest. IP addresses: 5
Unique IP links 64

And so on.  Here is the problem.  When I click on "13" to view the 13 Unique
Alerts, ACID doesn't show anything.  It has the headers and stuff.  It's not
a blank page, but it doesn't show any of the alerts.  I can't drill down
into anything.  I am using Netscape 7.0 if that matters.

Thanks,
Chris Romano

OK, thanks for the description.

Effectively, Netscape7 is a very bad choice . It's my idea. You shoulduse Mozilla. Netscape is finished!!!If it's a PHP problem, you can increase the level of debug in the file"php.ini", section "Error handling and logging".Another important thing, ACID and snort are on the same box or differentones ?


Guillaume

Current thread:

Acid problem Chris (Jun 05)
- <Possible follow-ups>
- Re: Acid problem guillaume rix - Sun Microsystems - Velizy France (Jun 05)
- RE: Acid problem Chris (Jun 05)
  - Re: Acid problem payothlh (Jun 05)
- FW: RE: Acid problem Chris (Jun 05)
- RE: Acid problem Romano, Chris (Jun 06)