Re: First time snorting ... ERROR: The dynamic detection library ...

[Alan McKay <alan.mckay () gmail com>]

On Thu, Nov 14, 2013 at 3:24 PM, waldo kitty <wkitty42 () windstream net> wrote:
> yeah... now it gets a little deeper ;)

:-)

> have you tried looking at the FAQ? i know there's one or two questions in there
> about not getting any logging...

I've been reading this now :
http://www.snort.org/assets/166/snort_manual.pdf
but will check the FAQ

> speaking of command lines, what is your snort command line?

Straight out of that doc I'd posted earlier

/usr/local/snort/bin/snort -u snort -g snort -c
/usr/local/snort/etc/snort.conf -i eth0

THough now I just changed it to

/usr/local/snort/bin/snort -u snort -g snort -c
/usr/local/snort/etc/snort.conf -i eth0 >
/var/log/snort/snort.startup.log 2>&1

> also, you might want to stop snort, delete the snort log file in /var/logs...
> then restart it, give it a few minutes, terminate it again and post that log...
> we might spot something in there...

Snort logs are empty :

root@ogic2:/usr/local/snort/etc# ls -al /var/log/snort/
total 36
drwxr-xr-x  2 snort snort  4096 Nov 14 15:35 .
drwxr-xr-x 19 root  root   4096 Nov 14 10:36 ..
-rw-r--r--  1 snort snort  2056 Nov 14 15:29 barnyard2.waldo
-rw-r--r--  1 root  root  22416 Nov 14 15:35 snort.startup.log
-rw-------  1 snort snort     0 Nov 14 15:33 snort.u2.1384461197
-rw-------  1 snort snort     0 Nov 14 15:35 snort.u2.1384461344

Here is the startup log

https://docs.google.com/document/d/1bd3atMiqTBvbwF8BIpZDSVEr1vYniyM0GSIHZGvVWO8/edit?usp=sharing

Anyway, thanks.  I'll start going through the FAQ instead of that other doc.


-- 
“Don't eat anything you've ever seen advertised on TV”
         - Michael Pollan, author of "In Defense of Food"

------------------------------------------------------------------------------
DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps
OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access
Free app hosting. Or install the open source package on any LAMP server.
Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native!
http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!