Snort mailing list archives

type_log not working !


From: longint longint <longint () gmail com>
Date: Thu, 26 Jan 2006 10:50:35 -0300

I added this to my snort config, hoping all "log" goes to syslog, the
"alerts" go to mysql:

{
  type alert
  output alert_syslog: LOG_AUTH LOG_ALERT
  output database: alert, mysql, dbname=snort_prod user=sensor host=10.168.91.15 password=tr0t4mund0 sensor_name=snortpwg01 detail=full encoding=ascii
}

{
  type log
  output alert_syslog: LOG_LOCAL4 LOG_ALERT
}



When launching, I got this, any idea???

[snortpwg01:/usr/local/snort]# /usr/local/bin/snort -c /usr/local/snort/snort.conf -N -i eth0 -l /var/snort_logs
Running in IDS mode
Log directory = /var/snort_logs

Initializing Network Interface eth0
OpenPcap() device eth0 network lookup:
        eth0: no IPv4 address assigned

        --== Initializing Snort ==--
Initializing Output Plugins!
Decoding Ethernet on interface eth0
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file /usr/local/snort/snort.conf
+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
ERROR: /usr/local/snort/snort.conf(38) => Unknown rule type: {
Fatal Error, Quitting..
[snortpwg01:/usr/local/snort]#
