Re: Trouble to log trace into database

["Senthil Prabu.S" <prabu333 () hotpop com>]

> Hi,
> I have a trace file with some packets I am trying to analyze. I am trying 
> to
> load the trace into a mysql database but nothing gets logged.
> My rules file looks like this:
> # RULES
> log tcp any any -> any any
> log udp any any -> any any
>
> And if I just run snort without loading from file, this rules logs every 
> tcp
> and udp header just fine into the database. Now when I run:
> C:\Snort\bin>snort -r c:\trace.eth -c c:\Snort\etc\snort-mod.conf \
> -l c:\Snort\log
>
> I do not get any error but nothing gets logged to the database. See below
> Can anyone give me a hint of what am I doing wrong?

Hi,
    I have tested just now the same rules set to a tcpdump
captured file.It logged all my alerts and logs.
Are you able to read tcpdump file through other tools?
Then,Checkout your snort database setting.


--
Senthil prabu.S

If you are smart enough to know that you're not smart enough to be an
Engineer, then you're in Business.
_________________________________________________________________ 




-------------------------------------------------------
This SF.Net email is sponsored by: InterSystems CACHE
FREE OODBMS DOWNLOAD - A multidimensional database that combines
robust object and relational technologies, making it a perfect match
for Java, C++,COM, XML, ODBC and JDBC. www.intersystems.com/match8
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users