Re: snort-stat not reporting
Make sure to include the patch; they like patches, especially if they
work.
On Wed, 25 Jul 2001, Isetro Savi wrote:
>No, I did not - guess I'll head over to debian.org and do that.
>
>On Tue, Jul 24, 2001 at 11:36:53PM -0600, John Galt wrote:
>>
>> Did you report a bug?
>>
>> On Wed, 25 Jul 2001, Isetro Savi wrote:
>>
>> >I'm running Debian unstable and the snort-stat script does not do
>> >reporting correctly. All I receive is a blank e-mail in place of the
>> >proper statistics it should create.
>> >
>> >After a little bit of troubleshooting, I have made a change in the
>> >script (diff follows below). It seems my auth.log output is just a
>> >little bit different than what snort-stat thinks. Is anybody else
>> >having this problem?
>> >
>> >/usr/sbin/snort-stat is my modified version
>> >
>> >--- ./snort-stat Tue Jul 24 08:33:36 2001
>> >+++ /usr/sbin/snort-stat Tue Jul 24 08:33:47 2001
>> >@@ -78,7 +78,7 @@
>> >
>> > # For snort log, added by $Author: yenming $
>> > # If this is a snort log
>> >- if (/^(\w{3})\s+(\d+)\s(\d+)\:(\d+)\:(\d+)\s([\w-]+)\ssnort\[\d+\]:\s+
>> >+ if (/^(\w{3})\s+(\d+)\s(\d+)\:(\d+)\:(\d+)\s([\w]+)\ssnort\:\s+
>> >
>> > ([^:]+):\s([\d\.]+)[\:]*([\d]*)\s[\-\>]+\s([\d\.]+)[\:]*([\d]*)/ox)
>> > {
>> > $month = $1; $day = $2; $hour = $3; $minute = $4;
>> >
>> >
>> >
>>
>> --
>> FINE, I take it back: UNfuck you!
>>
>> Who is John Galt? galt@inconnu.isu.edu, that's who!
>>
>>
>> --
>> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
>> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>>
>>
>
--
FINE, I take it back: UNfuck you!
Who is John Galt? galt@inconnu.isu.edu, that's who!
Reply to: