Snort mailing list archives
Re: Snort Statistics
From: Joel Esler <joel.esler () sourcefire com>
Date: Mon, 17 Jul 2006 18:05:36 -0400
Frank, You're right. Send a USR1 (kill -USR1 <pid of snort>), then check your /var/log/messages (or whatever syslog) file. Joel On Mon, Jul 17, 2006 at 04:59:11PM -0500, Frank Knobbe sent me:
On Mon, 2006-07-17 at 14:28 -0700, Dan Brummer wrote:Is there a way to display the end of program snort statistics from snort running as a daemon? The statistics I'm looking for are: =============================================================================== Snort received 89 packets Analyzed: 79(88.764%) Dropped: 7(7.865%) Outstanding: 3(3.371%) =============================================================================== etc etc ..... Is this possible?Wasn't that USR1 or USR2? It should be in the FAQ and/or user guide. Send Snort a USR1 signal and watch the output. -Frank-- It is said that the Internet is a public utility. As such, it is best compared to a sewer. A big, fat pipe with a bunch of crap sloshing against your ports.
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
+---------------------------------------------------------------------+ Joel Esler Senior Security Consultant 1-706-627-2101 Sourcefire Security for the /Real/ World -- http://www.sourcefire.com Snort - Open Source Network IPS/IDS -- http://www.snort.org GPG Key: http://demo.sourcefire.com/jesler.pgp.key AIM:eslerjoel YMSG:eslerjoel Gtalk:eslerj +---------------------------------------------------------------------+ ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort Statistics Dan Brummer (Jul 17)
- Re: Snort Statistics Frank Knobbe (Jul 17)
- Re: Snort Statistics Joel Esler (Jul 17)
- Re: Snort Statistics Joel Esler (Jul 17)
- Re: Snort Statistics Andreas Östling (Jul 18)
- <Possible follow-ups>
- Re: Snort Statistics Dan Brummer (Jul 17)
- Re: Snort Statistics Jason Brvenik (Jul 17)
- Re: Snort Statistics Frank Knobbe (Jul 17)