Snort mailing list archives
Re: Snort 2.8.1 - TimeStats()
From: Todd Wease <twease () sourcefire com>
Date: Tue, 17 Jun 2008 06:29:26 -0400
Wes, Thanks for bringing this to our attention. I just tested this on snort-2.8.1 and snort-2.8.2, and in daemon mode, as you note, it does not seem to work in snort-2.8.1. It does seem to work in snort-2.8.2. I'm not able to track down exactly why yet (just putting a random printf() call seemed to get it going), but 2.8.2 has some significant performance improvements, so maybe upgrade to 2.8.2 to take advantage of that as well. Thanks, Todd Wes Young wrote:
This might be a dumb question, but does anyone have snort-2.8.1 working successfully with --enable-timestats ? I've got a red-hat box running and it dumps the initial startup and exiting output to syslog, but once it's going, doesn't dump the hourly statistical dump. i've got snort running with the flags: -g snort -u snort -D -M -y but no luck. Tried searching through the code and google a bit w/o much luck... Just wanna verify that someone has it working, or i'm not missing some stupid option before I dig too much further... -- Wes Young Network Security Analyst CIT - University at Buffalo http://claimid.com/saxjazman9 ------------------------------------------------------------------------ ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php ------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort 2.8.1 - TimeStats() Wes Young (Jun 16)
- Re: Snort 2.8.1 - TimeStats() JJ Cummings (Jun 16)
- Re: Snort 2.8.1 - TimeStats() Todd Wease (Jun 17)
- Re: Snort 2.8.1 - TimeStats() Wes Young (Jun 17)