[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Is snort-stat and 5snort really broken in sid?

On 12.09.2001 at 11:30:02, Andrew Pollock <andrew@andrew.net.au> wrote:

> Even if I run snort-stat manually on auth.log (after I've made snort start
> -s) it doesn't return anything when there are alerts in the log.
> Any suggestions appreciated, I'd like to get daily summary emails.

Well I popped off to www.snort.org and downloaded the latest snort_stat.pl, and
lo and behold, it works. I think the snort-stat included in snort-common
(1.8p1-1) doesn't match the version of snort (it's looking for different regular
expressions in the logs).


Reply to: