Snort mailing list archives

snort and guardian


From: Björn Brombach <b.brombach () drachenfels de>
Date: Tue, 19 Aug 2003 15:10:41 +0200

Hi all,
I have got an urgent problem using snort and guardian.
I configured snort to write alerts to syslog (alerts are stored in
/var/log/messages) and mysql database.
I configured guardian to the /var/log directory to hopefully use the
messages file.
SuSE 8.2 is the system I have running and snort and guardian are newest
versions.
As guardian seems to run fine but just doesn't do anything I changed the
guardian_block.sh to just print some text to screen and write into a file.
But even with attacks using snot there's no reaction from guardian.
I tried to use snort -A Fast and use the snort.alert file for guardian but
no reaction as well.
I checked the log files, the alerts are stored there.
I started guardian in debug mode but never got any debug information on
screen.

Do I have to configure snort in a special way to make guardian use the
alerts?

If you have guardian running please send me hints on how to get mine working
as well, or your starting command with configuration options for snort and
guardian.

Thanks for any help and reply.
-bb



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net