Re: Snort is not able to forward report to Base.

[Stephen Fernandis [IT Shared Services – Hub] <fernans () mtn co ug>]

Hi Waldo,



As per Winids installation url http://winsnort.com/index.php?module=Pages&func=display&pageid=40. That activator file 
is require in barnyard2 testing. So if you can help to get that file.





[cid:image001.png@01CF08B4.A5EBE730]







Kind Regards,

Stephen Fernandis

Network & Security Domain, Information Technology |MTN-HUB

Cell + 256 785373903 Desk +256 312125995 |email : fernans () mtn co ug





I do not know anyone who has got to the top without hard work. That is the recipe. It will not always get you to the 
top, but should get you pretty near- In memory of Margaret Thatcher



-----Original Message-----
From: waldo kitty [mailto:wkitty42 () windstream net]
Sent: Friday, January 03, 2014 6:15 PM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Snort is not able to forward report to Base.



On 1/3/2014 9:35 AM, Stephen Fernandis [IT Shared Services – Hub] wrote:

> Hi Ayodele,

>

> Thanks for your assist,

>

> 1)is logging to MySQL via barnyard2

>

> Ans Yes I logged the mysql via barnyard2, but as per below url of

> windows snort installation I ignore this step during as mention in screenshot.



that doesn't sound like a good thing to do...



> Because I didn’t get the activators and /'sid-msg.map' /file on snort

> site and google. Please let me know due to that reason I facing the

> issue of forward generated logs to Base.



you have to build the sid-msg.map file... that's what the second tool

(create-sidmap) unzipped in that snapshot was for... i don't know how to tell you to execute it, though...



i don't have any idea about those activators because i do not run critical packages on winwhatever...



--

NOTE: No off-list assistance is given without prior approval.

       Please keep mailing list traffic on the list unless

       private contact is specifically requested and granted.



------------------------------------------------------------------------------

Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how 
application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP 
application. Start your 15-day FREE TRIAL of AppDynamics Pro!

http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk

_______________________________________________

Snort-users mailing list

Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net>

Go to this URL to change user options or unsubscribe:

https://lists.sourceforge.net/lists/listinfo/snort-users

Snort-users list archive:

http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users



Please visit http://blog.snort.org to stay current on all the latest Snort news!

________________________________
NOTE: This e-mail message is subject to the MTN Group disclaimer see http://www.mtn.co.ug/email/Email-disclaimer.aspx

------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT 
organizations don't have a clear picture of how application performance 
affects their revenue. With AppDynamics, you get 100% visibility into your 
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!