Snort mailing list archives

Re: Snort Data Not Showing Up in ACID

From: "Andy S Shrock" <Andy.S.Shrock () usa dupont com>
Date: Mon, 29 Sep 2003 13:25:38 -0400


For ACID to work you must send your alerts to the snort database schema.
ACID does not read the snort alert files instead it reads it's data from a
database. You can either set snort up to store the data directly in the
database as opposed to log files or preferably you can set snort to log to
unified files (binary format) and use barnyard to process the log files and
store the data in MySQL. Once the data is in a database you can point acid
to that DB and view reports on your alerts.

Andy Shrock
DuPont AFS




"Kaplan, Andrew H." <AHKAPLAN () PARTNERS ORG>@lists.sourceforge.net on
09/29/2003 12:26:25 PM

Sent by:    snort-users-admin () lists sourceforge net


To:    snort-users () lists sourceforge net
cc:
Subject:    [Snort-users] Snort Data Not Showing Up in ACID


Hi there,

I have configured Snort to log alerts that occur on the network. When I
look
in the alert log file, there are several that do appear. However, nothing
is
appearing on the ACID web page.


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users





This communication is for use by the intended recipient and contains 
information that may be privileged, confidential or copyrighted under
applicable law.  If you are not the intended recipient, you are hereby
formally notified that any use, copying or distribution of this e-mail,
in whole or in part, is strictly prohibited.  Please notify the sender
by return e-mail and delete this e-mail from your system.  Unless
explicitly and conspicuously designated as "E-Contract Intended",
this e-mail does not constitute a contract offer, a contract amendment,
or an acceptance of a contract offer.  This e-mail does not constitute
a consent to the use of sender's contact information for direct marketing
purposes or for transfers of data to third parties.

 Francais Deutsch Italiano  Espanol  Portugues  Japanese  Chinese  Korean

            http://www.DuPont.com/corp/email_disclaimer.html




-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Snort Data Not Showing Up in ACID Kaplan, Andrew H. (Sep 29)
- Re: Snort Data Not Showing Up in ACID caffeinex36 () yahoo com (Sep 29)
- <Possible follow-ups>
- Re: Snort Data Not Showing Up in ACID Andy S Shrock (Sep 29)