FW: RE: Acid problem

["Chris" <vze2f6h6 () verizon net>]

-----Original Message-----
From: payothlh [mailto:payothlh () club-internet fr] 
Sent: Thursday, June 05, 2003 3:37 PM
To: Chris
Cc: 'guillaume rix - Sun Microsystems - Velizy France';
snort-users () lists sourceforge net
Subject: Re: [Snort-users] Acid problem

Chris wrote:

From: "Chris" <vze2f6h6 () verizon net>
To: <snort-users () lists sourceforge net>
X-Original-Date: Thu, 5 Jun 2003 09:04:04 -0400
Date: Thu, 5 Jun 2003 09:04:04 -0400

I have snort+MySQL+ACID installed and partially working.  Snort is
      
logging
    
everything into the database.  The problem is with viewing the alerts.
Yesterday I was able to click on say Unique Alerts and it would show me
      
the
    
Alerts.  Now if I click on Unique Alerts: 12, nothing happens.  It knows
about the alerts but it just isn't showing them.  This happens with
everything.  Am I missing something here?

Thanks,
      

  
-----Original Message-----
From: guillaume rix - Sun Microsystems - Velizy France

Hi Chris,

Perhaps just make a Shift-Reload on your browser.
If you make a "mysql -u root -p" dirrectly ans query your snort database,
what
are the results ?
Are there any changes before and after the problem ?
It's not very clear your problem, can you give us more details.

Guillaume

    

I will try to explain it better.
Snort is logging alerts correctly into the database.  The alerts are there
and I can see them.  Acid also can see them.  For example:

Sensors: 1
Unique Alerts: 13  ( 7 categories )
Total Number of Alerts 4822

 Source IP addresses: 63
 Dest. IP addresses: 5
 Unique IP links 64

And so on.  Here is the problem.  When I click on "13" to view the 13 Unique
Alerts, ACID doesn't show anything.  It has the headers and stuff.  It's not
a blank page, but it doesn't show any of the alerts.  I can't drill down
into anything.  I am using Netscape 7.0 if that matters.

Thanks,
Chris Romano
OK, thanks for the description.
Effectively, Netscape7 is a very bad choice. It's my idea. You should use
Mozilla. Netscape is finished!!!
If it's a PHP problem, you can increase the level of debug in the file
"php.ini", section "Error handling and logging".
Another important thing, ACID and snort are on the same box or different
ones ?

Guillaume



Well it happens in IE also.  I haven't tested Mozzila or Phoenix yet.  I
don't know if it's a php problem or not.  It doesn't seem like it.  Snort
and ACID are on separate boxes.

Thanks Chris



-------------------------------------------------------
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users