Re: unified2 logs are empty

[Joel Esler <jesler () sourcefire com>]

Firstly I see you have the word "output" spelled "outout". Is that intentional?

Other than that, you may want to try something other than portscanning to generate alerts. 

--
Sent from my iPad

On Jul 9, 2010, at 1:58 AM, Kum Weng Luey <kumwengluey () gmail com> wrote:

> Hi all,
>  
> I have configured and setup Snort-2.8.6 with barnyard2-1.8 and am facing problems with unified2 logs. The setup and 
> installation of Snort and barnyard with mysql yield no errors.
>  
> However nothing is being passed to the unified2 logs. I have done a portscan on the machine itself but the logs are 
> still empty. What could be wrong ?
>  
> Hopefully someone could help me with it.
>  
> snort.conf unified2 config
>  
> outout unified2: filename snort.u2, limit 128
>  
>  
>  
> Regards,
> KW
> ------------------------------------------------------------------------------
> This SF.net email is sponsored by Sprint
> What will you do first with EVO, the first 4G phone?
> Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

------------------------------------------------------------------------------
This SF.net email is sponsored by Sprint
What will you do first with EVO, the first 4G phone?
Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users