Snort mailing list archives

Re: Unified2 Missing event record

From: "Al Lewis \(allewi\) via Snort-devel" <snort-devel () lists snort org>
Date: Tue, 16 Jul 2019 16:48:24 +0000

Hello,

You probably will need to show how you are running/starting snort and logging.

Is the issue happening on the most recent version of snort?

Albert Lewis
ENGINEER.SOFTWARE ENGINEERING
Cisco Systems Inc.
Email: allewi () cisco com<mailto:allewi () cisco com>



From: Snort-devel <snort-devel-bounces () lists snort org> on behalf of Ron H via Snort-devel <snort-devel () lists 
snort org>
Reply-To: Ron H <ronh.work () gmail com>
Date: Tuesday, July 16, 2019 at 12:44 PM
To: "snort-devel () lists snort org" <snort-devel () lists snort org>
Subject: Re: [Snort-devel] Unified2 Missing event record

UP! :)
Does someone know this issue?

On Mon, Jul 8, 2019 at 7:31 PM Ron H <ronh.work () gmail com<mailto:ronh.work () gmail com>> wrote:
Hey Snort devel,

We have an issue with Snort Unified2 output.
Snort write packet record without write event record.
This issue happens frequently.

out snort version is 2.9.11.1
Snort run on Ubuntu 16.04 Docker container


We are would be grateful to any assistance.
Thanks!

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!

Current thread:

Unified2 Missing event record Ron H via Snort-devel (Jul 08)
- Re: Unified2 Missing event record Ron H via Snort-devel (Jul 16)
  - Re: Unified2 Missing event record Al Lewis (allewi) via Snort-devel (Jul 16)
  - Re: Unified2 Missing event record Ron H via Snort-devel (Jul 16)
    - Re: Unified2 Missing event record Ron H via Snort-devel (Jul 16)
    - Re: Unified2 Missing event record Ron H via Snort-devel (Jul 16)