Home page logo

snort logo Snort mailing list archives

error at logging to database
From: Miquel Tur <mtur () ce bdigital org>
Date: Wed, 12 Jun 2013 13:17:36 +0200


I trying to log at my database log alerts, but if the rule is like:

*log tcp any...*

It doesn't work and display this warning:

* WARNING database [Database()]: Called with Event[0x0] Event Type [0]
(P)acket [0x9954860], information has not been outputed.*
but if the rule is an alert:

*alert tcp any... (with the same rule, only changing this)*

It works.

I use the output unified2 in snort and a postgresql database for the
barnyard2 output.

The most curious is that all work correctly if the rule is an alert, but if
it is an log, i only can see the warning and the event is notsaved in the

thanks for your help
This SF.net email is sponsored by Windows:

Build for Windows Store.

Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

Please visit http://blog.snort.org to stay current on all the latest Snort news!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]