Snort mailing list archives
Confused about Fatal Error
From: Ed Kasky <ed () esson net>
Date: Fri, 13 Sep 2002 09:58:53 -0700
I have Snort ver 1.8.7 running on a RH 7.2 machine using Mysql and running as "snort"
From the init script: daemon /usr/local/bin/snort -u snort -D -c /etc/snort/snort.conf From snort.conf:output database: alert, mysql, user=snort password=XXXXX dbname=snort host=localhost
It's been running fine until the last day or so when I started getting:snort: FATAL ERROR: ERROR: OpenLogFile() => mkdir(/var/log/snort/216.216.73.103) log directory: Permission denied
I changed /var/log/snort to snort.snort and 700 but it continues. My first question is if I am using Mysql, why does it still write the ip logs? Secondly, if I start it as snort, why does it write the ip logs as rppt.bin? drwx------ 2 root bin 4096 Sep 10 13:37 64.131.177.161 Thanks in advance for any advice... Ed ~~ Ed Kasky Los Angeles, CA . . . . . . . . Conscience is the inner voice warning us that someone may be looking. -H.L. Mencken ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Confused about Fatal Error Ed Kasky (Sep 13)
- Snort question Goldmoon (Sep 13)
- Re: Snort question Goldmoon (Sep 13)
- RE: Snort question Bill Gercken (Sep 14)
- Re: Snort question Goldmoon (Sep 13)
- Snort question Goldmoon (Sep 13)