Re: snort-stat not reporting
Hello,
On Wed, 25 Jul 2001, Isetro Savi wrote:
I'm running Debian unstable and the snort-stat script does not do
reporting correctly. All I receive is a blank e-mail in place of the
proper statistics it should create.
I run testing and I have the same problem. I thought that there was
nothing to report.
Thanks for the patch!
Greetz,
Sebastiaan
After a little bit of troubleshooting, I have made a change in the
script (diff follows below). It seems my auth.log output is just a
little bit different than what snort-stat thinks. Is anybody else
having this problem?
/usr/sbin/snort-stat is my modified version
--- ./snort-statTue Jul 24 08:33:36 2001
+++ /usr/sbin/snort-statTue Jul 24 08:33:47 2001
@@ -78,7 +78,7 @@
# For snort log, added by $Author: yenming $
# If this is a snort log
- if (/^(\w{3})\s+(\d+)\s(\d+)\:(\d+)\:(\d+)\s([\w-]+)\ssnort\[\d+\]:\s+
+ if (/^(\w{3})\s+(\d+)\s(\d+)\:(\d+)\:(\d+)\s([\w]+)\ssnort\:\s+
([^:]+):\s([\d\.]+)[\:]*([\d]*)\s[\-\]+\s([\d\.]+)[\:]*([\d]*)/ox)
{
$month = $1; $day = $2; $hour = $3; $minute = $4;
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
snort-stat not reporting
I'm running Debian unstable and the snort-stat script does not do
reporting correctly. All I receive is a blank e-mail in place of the
proper statistics it should create.
After a little bit of troubleshooting, I have made a change in the
script (diff follows below). It seems my auth.log output is just a
little bit different than what snort-stat thinks. Is anybody else
having this problem?
/usr/sbin/snort-stat is my modified version
--- ./snort-statTue Jul 24 08:33:36 2001
+++ /usr/sbin/snort-statTue Jul 24 08:33:47 2001
@@ -78,7 +78,7 @@
# For snort log, added by $Author: yenming $
# If this is a snort log
- if (/^(\w{3})\s+(\d+)\s(\d+)\:(\d+)\:(\d+)\s([\w-]+)\ssnort\[\d+\]:\s+
+ if (/^(\w{3})\s+(\d+)\s(\d+)\:(\d+)\:(\d+)\s([\w]+)\ssnort\:\s+
([^:]+):\s([\d\.]+)[\:]*([\d]*)\s[\-\]+\s([\d\.]+)[\:]*([\d]*)/ox)
{
$month = $1; $day = $2; $hour = $3; $minute = $4;
Re: snort-stat not reporting
Did you report a bug?
On Wed, 25 Jul 2001, Isetro Savi wrote:
I'm running Debian unstable and the snort-stat script does not do
reporting correctly. All I receive is a blank e-mail in place of the
proper statistics it should create.
After a little bit of troubleshooting, I have made a change in the
script (diff follows below). It seems my auth.log output is just a
little bit different than what snort-stat thinks. Is anybody else
having this problem?
/usr/sbin/snort-stat is my modified version
--- ./snort-statTue Jul 24 08:33:36 2001
+++ /usr/sbin/snort-statTue Jul 24 08:33:47 2001
@@ -78,7 +78,7 @@
# For snort log, added by $Author: yenming $
# If this is a snort log
- if (/^(\w{3})\s+(\d+)\s(\d+)\:(\d+)\:(\d+)\s([\w-]+)\ssnort\[\d+\]:\s+
+ if (/^(\w{3})\s+(\d+)\s(\d+)\:(\d+)\:(\d+)\s([\w]+)\ssnort\:\s+
([^:]+):\s([\d\.]+)[\:]*([\d]*)\s[\-\]+\s([\d\.]+)[\:]*([\d]*)/ox)
{
$month = $1; $day = $2; $hour = $3; $minute = $4;
--
FINE, I take it back: UNfuck you!
Who is John Galt? [EMAIL PROTECTED], that's who!
Re: snort-stat not reporting
No, I did not - guess I'll head over to debian.org and do that.
On Tue, Jul 24, 2001 at 11:36:53PM -0600, John Galt wrote:
Did you report a bug?
On Wed, 25 Jul 2001, Isetro Savi wrote:
I'm running Debian unstable and the snort-stat script does not do
reporting correctly. All I receive is a blank e-mail in place of the
proper statistics it should create.
After a little bit of troubleshooting, I have made a change in the
script (diff follows below). It seems my auth.log output is just a
little bit different than what snort-stat thinks. Is anybody else
having this problem?
/usr/sbin/snort-stat is my modified version
--- ./snort-statTue Jul 24 08:33:36 2001
+++ /usr/sbin/snort-statTue Jul 24 08:33:47 2001
@@ -78,7 +78,7 @@
# For snort log, added by $Author: yenming $
# If this is a snort log
- if (/^(\w{3})\s+(\d+)\s(\d+)\:(\d+)\:(\d+)\s([\w-]+)\ssnort\[\d+\]:\s+
+ if (/^(\w{3})\s+(\d+)\s(\d+)\:(\d+)\:(\d+)\s([\w]+)\ssnort\:\s+
([^:]+):\s([\d\.]+)[\:]*([\d]*)\s[\-\]+\s([\d\.]+)[\:]*([\d]*)/ox)
{
$month = $1; $day = $2; $hour = $3; $minute = $4;
--
FINE, I take it back: UNfuck you!
Who is John Galt? [EMAIL PROTECTED], that's who!
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: snort-stat not reporting
Make sure to include the patch; they like patches, especially if they
work.
On Wed, 25 Jul 2001, Isetro Savi wrote:
No, I did not - guess I'll head over to debian.org and do that.
On Tue, Jul 24, 2001 at 11:36:53PM -0600, John Galt wrote:
Did you report a bug?
On Wed, 25 Jul 2001, Isetro Savi wrote:
I'm running Debian unstable and the snort-stat script does not do
reporting correctly. All I receive is a blank e-mail in place of the
proper statistics it should create.
After a little bit of troubleshooting, I have made a change in the
script (diff follows below). It seems my auth.log output is just a
little bit different than what snort-stat thinks. Is anybody else
having this problem?
/usr/sbin/snort-stat is my modified version
--- ./snort-statTue Jul 24 08:33:36 2001
+++ /usr/sbin/snort-statTue Jul 24 08:33:47 2001
@@ -78,7 +78,7 @@
# For snort log, added by $Author: yenming $
# If this is a snort log
- if (/^(\w{3})\s+(\d+)\s(\d+)\:(\d+)\:(\d+)\s([\w-]+)\ssnort\[\d+\]:\s+
+ if (/^(\w{3})\s+(\d+)\s(\d+)\:(\d+)\:(\d+)\s([\w]+)\ssnort\:\s+
([^:]+):\s([\d\.]+)[\:]*([\d]*)\s[\-\]+\s([\d\.]+)[\:]*([\d]*)/ox)
{
$month = $1; $day = $2; $hour = $3; $minute = $4;
--
FINE, I take it back: UNfuck you!
Who is John Galt? [EMAIL PROTECTED], that's who!
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
--
FINE, I take it back: UNfuck you!
Who is John Galt? [EMAIL PROTECTED], that's who!
