Snort mailing list archives
snort as windows as service and logging to the windows event log
From: snort <snort () soft-cor com>
Date: Wed, 27 Feb 2013 10:57:20 +0000
Hi I have a question regarding running snort as windows as service and logging to the windows event log. I used the –E argument and logging is sort of working but all the logs appear as follows: “The description for Event ID 1 from source snort cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event: [0:0:0:0] POLICY Outbound Teredo traffic detected [Classification: Potential Corporate Privacy Violation] [Priority: 1] {UDP} 0.0.0.0:62762 -> 0.0.0.0:3544 The specified image file did not contain a resource section” I have confirmed and the snort entry *appears* correct in the registry as valid event log source. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\snort] "EventMessageFile"=”d:\snort\bin\snort.exe” Thanks GarethE
------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_feb
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- snort as windows as service and logging to the windows event log snort (Feb 27)