Snort mailing list archives
Re: troubleshooting dead snort
From: Juan Jesus Prieto <jjprieto () redborder org>
Date: Tue, 16 Dec 2014 21:06:25 +0100
Hi Robert,Try runnig snort with 'ulimit -c unlimited' in its init script or in the shell running in foreground mode. This will dump a core file, needed for debugging issue.
Regards. El 16/12/14 20:02, Robert Millott escribió:
My snort IDS keeps dying and I don't know why. Anyone got some good suggestions on where to start looking? I am running snort 2.9.6 with barnyard 2.1.10 beta2 on Gentoo 3.12.13. It starts up just fine and runs like a champ. sometimes it will run fine for days, but eventually, I come in and run a "ps ax | grep snort" and its just gone. Barnyard is usually still going, but obviously not doing much without snort. I check the logs and see nothing about it halting. There is still a pid in /etc/snort/pid, so I don't think it closed down nicely. I've looked at the performance data, but it just shows that it was running, but doesn't give me any indication of why it stopped.Suggestions would be appreciated. -- Robert Millott President, Millott and Associates (443) 255-3588 ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- troubleshooting dead snort Robert Millott (Dec 16)
- Re: troubleshooting dead snort Juan Jesus Prieto (Dec 16)
- Re: troubleshooting dead snort Livio Ricciulli (Dec 16)
- Re: troubleshooting dead snort Juan Jesus Prieto (Dec 16)