Snort mailing list archives

RE: Acid problem

From: "Chris" <vze2f6h6 () verizon net>
Date: Thu, 5 Jun 2003 11:05:18 -0400

From: "Chris" <vze2f6h6 () verizon net>
To: <snort-users () lists sourceforge net>
X-Original-Date: Thu, 5 Jun 2003 09:04:04 -0400
Date: Thu, 5 Jun 2003 09:04:04 -0400

I have snort+MySQL+ACID installed and partially working.  Snort is

logging

everything into the database.  The problem is with viewing the alerts.
Yesterday I was able to click on say Unique Alerts and it would show me

the

Alerts.  Now if I click on Unique Alerts: 12, nothing happens.  It knows
about the alerts but it just isn't showing them.  This happens with
everything.  Am I missing something here?

Thanks,

-----Original Message-----
From: guillaume rix - Sun Microsystems - Velizy France

Hi Chris,

Perhaps just make a Shift-Reload on your browser.
If you make a "mysql -u root -p" dirrectly ans query your snort database,
what
are the results ?
Are there any changes before and after the problem ?
It's not very clear your problem, can you give us more details.

Guillaume


I will try to explain it better.
Snort is logging alerts correctly into the database.  The alerts are there
and I can see them.  Acid also can see them.  For example:

Sensors: 1
Unique Alerts: 13  ( 7 categories )
Total Number of Alerts 4822

 Source IP addresses: 63
 Dest. IP addresses: 5
 Unique IP links 64

And so on.  Here is the problem.  When I click on "13" to view the 13 Unique
Alerts, ACID doesn't show anything.  It has the headers and stuff.  It's not
a blank page, but it doesn't show any of the alerts.  I can't drill down
into anything.  I am using Netscape 7.0 if that matters.

Thanks,
Chris Romano



-------------------------------------------------------
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Acid problem Chris (Jun 05)
- <Possible follow-ups>
- Re: Acid problem guillaume rix - Sun Microsystems - Velizy France (Jun 05)
- RE: Acid problem Chris (Jun 05)
  - Re: Acid problem payothlh (Jun 05)
- FW: RE: Acid problem Chris (Jun 05)
- RE: Acid problem Romano, Chris (Jun 06)