Snort mailing list archives

error at logging to database


From: Miquel Tur <mtur () ce bdigital org>
Date: Wed, 12 Jun 2013 13:17:36 +0200

Hi,

I am trying to log alerts to my database, but if the rule is like:

*log tcp any...*

It doesn't work and displays this warning:

*WARNING database [Database()]: Called with Event[0x0] Event Type [0]
(P)acket [0x9954860], information has not been outputed.*

but if the rule is an alert:

*alert tcp any... (with the same rule, only changing this)*

It works.

I use the output unified2 in snort and a postgresql database for the
barnyard2 output.

The most curious thing is that everything works correctly if the rule is an alert, but if
it is a log, I can only see the warning and the event is not saved in the
database.

Thanks for your help