Board index Linux Security

Help: SnortSnarf

Help: SnortSnarf

Post by Sean » Thu, 29 Nov 2001 11:30:33



Hi all,

I am trying to use SnortSnarf to view my logs from snort.  I am logging data
in the snort files at

/var/log/snort
alert                                667
portscan.log                    10

I can connect to SnortSnarf using a web browser but for the life of me I
cannot get any inputs.  I am using the configurations
outlined at
http://ibiblio.org/gferg/ldp/Snort-Statistics-HOWTO/configuration.htm...
SNARF-CONFIG
everything looks fine but it will not work..  Any suggestions, help,
comments no matter how small would be greatly appreciated.

Included below is what I get at the browser.  Is the SnortFileInput model
trying to read a file from /var/log/snort.alert?

0 alerts found using input module SnortFileInput, with sources:
  a.. /var/log/snort.alert

 
 
 
Top

1. Need help with snortsnarf

I believe I have snort working - it's kicking out stuff to my logging
directory.  But, I
can not get snortsnarf working.  Below are the commands that I run, and the
error's
it produces.  All were installed using ports - OpenBSD Version 3.1

Terry

# cd /usr/local/snortsnarf
#/usr/local/snortsnarf/snortsnarf.pl -d
/var/www/htdocs/snort -refresh=30 -rulesfile /etc/snort.conf -rulesdir
/usr/local/share/examples/snort/ /var/www/htdocs/snort


/usr/libdata/perl5/i386-openbsd/5.6.1
/usr/local/libdata/perl5/i386-openbsd/5.6.1 /usr/libdata/perl5
/usr/local/libdata/perl5 /usr/local/libdata/perl5/site_perl/i386-openbsd
/usr/libdata/perl5/site_perl/i386-openbsd /usr/local/libdata/perl5/site_perl
/usr/libdata/perl5/site_perl /usr/local/lib/perl5/site_perl .
./include/SnortSnarf) at TimeFilters.pm line 18.
BEGIN failed--compilation aborted at TimeFilters.pm line 18.
Compilation failed in require at Filter.pm line 19.
BEGIN failed--compilation aborted at Filter.pm line 19.
Compilation failed in require at /usr/local/snortsnarf/snortsnarf.pl line
87.
BEGIN failed--compilation aborted at /usr/local/snortsnarf/snortsnarf.pl
line 87.

2. To use system shadow password in Apache

3. problem installing snortsnarf

4. LPRng and netatalk - how?

5. snort - snortsnarf

6. stopping and starting all services after chkconfig

7. HELP HELP HELP HELP HELP HELP

8. Anyone using SunLink X.25????

9. help help help help help help

10. Xaw scrollbars within dialog box widgets HELP:HELP:HELP:HELP:HELP:

11. HELP HELP HELP HELP PLZ

12. Help C program in linux help help help !!!!!!!

13. HELP -- HELP -- HELP -- HELP


All times are UTC
Board index