Snort mailing list archives

Snort not alerting although tcpdump shows packet


From: Gaurav Srivastava <gaurav.srivastava7 () gmail com>
Date: Fri, 17 Apr 2015 13:45:55 +0200

Dear all,

I have a strange issue. I am running snort to observe traffic mirrored from
another VM.
But Snort is not alerting. To verify whether the packets are received or
not, I did a tcpdump using the following command:

sudo tcpdump -w icmp.pcap -i eth0 icmp

And when I read the file with snort using the command below:

snort -r icmp.pcap

It displays the ICMP packet logs. But the alert was not generated when
snort was running.

Please suggest. I am stuck here.


Thanks and Regards,
Gaurav