Snort mailing list archives

flow-portscan.


From: Chris Keladis <chris () cmc optus net au>
Date: Thu, 11 Mar 2004 23:18:03 +1100

Evening all,

Using Snort 2.1.0 with unified output and mudpit feeding into a MySQL database.

All logging (log/events) is currently going into the database by way of unified output, nothing is being logged locally (-N switch).

I noticed I'm not seeing anything from flow-portscan even when changing output-mode to either msg or pktkludge.

flow-portscan is pretty much configured default otherwise, with the exception of server-watchnet which is set to watch some production servers.

I've been too busy lately to look at it in detail myself, just wondering if it's a known issue I may have missed? Checked the docs on flow-portscan and the FAQ and nothing that really covered a unified setup.




Thanks,

Chris.


