Snort mailing list archives

snort as windows as service and logging to the windows event log


From: snort <snort () soft-cor com>
Date: Wed, 27 Feb 2013 10:57:20 +0000


Hi

I have a question regarding running Snort as a Windows service and logging to the Windows event log.

I used the -E argument and logging is sort of working, but all the logs appear as follows:

“The description for Event ID 1 from source snort cannot be found. Either the component that raises this event is not 
installed on your local computer or the installation is corrupted. You can install or repair the component on the local 
computer.

If the event originated on another computer, the display information had to be saved with the event.

The following information was included with the event:

[0:0:0:0] POLICY Outbound Teredo traffic detected [Classification: Potential Corporate Privacy Violation] [Priority: 1] 
{UDP} 0.0.0.0:62762 -> 0.0.0.0:3544

The specified image file did not contain a resource section”

I have confirmed that the snort entry *appears* correct in the registry as a valid event log source.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\snort]
"EventMessageFile"="d:\snort\bin\snort.exe"


Thanks
GarethE