Snort mailing list archives

RE: Information Not Appearing On ACID Console

From: "Kaplan, Andrew H." <AHKAPLAN () PARTNERS ORG>
Date: Wed, 8 Oct 2003 11:46:13 -0400

Hi Valter,

The output database line that I have is:

output database: log, mysql, user=snort password=123 dbname=snort host=127.0.0.1
port=3306 sensor_name=rosnort

The command syntax that I am using is /usr/local/bin/snort -A full -i eth0 -c
/etc/snort/snort.conf -v

I am not running the application as a daemon only to test it out. I let it run
again, and there were several alerts listed in the alert file,
but nothing appeared on ACID. 

Currently, Snort is running only on one machine. The purpose is for this machine
to sniff the traffic that is occurring on the subnet. Just in
case I am missing something, I've included a copy of the snort.conf file in this
e-mail. 

What am I missing in order to get this app to work properly?

-----Original Message-----
From: Valter Santos [mailto:vsantola () devfusion net]
Sent: Wednesday, October 08, 2003 10:32 AM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Information Not Appearing On ACID Console


Hello,

I don't use webmin myself, so i can't help you on this one.
About alerts not appearing on ACID, be sure that your
/etc/snort/snort.conf is well configured to output alerts to mysql
database instead of flat files... you should have something like this in
your snort.conf, on step #3: Configure output plugins:

output database: log, mysql, user=<mysql_user> password=<mysql_passwd>
dbname=<mysql_database> host=<mysql_host> sensor_name=<sensor_name>

then restart your snortd deamon:

/etc/init.d/snortd restart

or 

/usr/local/bin/snort -i eth0 -D -c /etc/snort/snort.conf


hope this help
/valter


On Wed, 2003-10-08 at 14:19, Kaplan, Andrew H. wrote:

The information does scroll across the screen. However, the network

information

and alerts are nor appearing on ACID. They are being logged to an alert file
located in the /var/log/snort directory. 

In short -- I can start snort only from the command line, and the ACID console
is not displaying anything.[/b]


-- 

---..---..---..---..---..---..---..---..---..---..---..---..----
Valter Santos
keys      @ http://devfusion.net/~vsantola/
E2A4B206  @ 99FA 3D80 4B54 BA70 7DD7 C751 47BA 49BC E2A4 B206
---------------------------------------------------------------

Attachment: snort.conf.txt
Description:

Current thread:

Information Not Appearing On ACID Console Kaplan, Andrew H. (Oct 08)
- Re: Information Not Appearing On ACID Console Valter Santos (Oct 08)
- <Possible follow-ups>
- RE: Information Not Appearing On ACID Console Kaplan, Andrew H. (Oct 08)
  - RE: Information Not Appearing On ACID Console Ralf Spenneberg (Oct 09)