Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort.AD http://anomalydetection.info/

From: Tho Le Phuoc <thole020287 () gmail com>
Date: Wed, 8 Oct 2014 05:34:46 +0200
Hi,

Anyone has tried Snort.AD ( http://anomalydetection.info/)

I am having with it. After running a free attack data for Snort.AD to
collect statistic in ADLog60.txt. I try to generate profile with command
below

./ad_profilegenerator.r -l /var/log/snort/ADLog60.txt -p
/var/log/snort/profile.txt -a 50 -m HW -v

but having problem :

"

Warning message:
In library(package, lib.loc = lib.loc, character.only = TRUE,
logical.return = TRUE,  :
  there is no package called ‘quadprog’

Attaching package: ‘zoo’

The following object(s) are masked from ‘package:base’:

    as.Date, as.Date.numeric

Warning message:
In library(package, lib.loc = lib.loc, character.only = TRUE,
logical.return = TRUE,  :
  there is no package called ‘tseries’
ProfileGen: Starting Profile Generator for SNORT AnomalyDetection
ProfileGen: Using log file: /var/log/snort/ADLog60.txt
ProfileGen: Saving profile to: /var/log/snort/profile.txt
ProfileGen: Using method of prediction: HW
ProfileGen: Log interval: 60
ProfileGen: Number of values to predict: 50
ProfileGen: Deviation scale: 1
Error in matrix(0, nrow = (nrow(log.data) - profile.config.frequency),  :
  invalid 'nrow' value (< 0)
Execution halted
"

Hope someone can help me
-- 
Best Regards,

Le Phuoc Tho

------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: