Need help with snortsnarf

Need help with snortsnarf

Post by Terr » Sat, 21 Sep 2002 08:52:46



I believe I have snort working - it's kicking out stuff to my logging
directory.  But, I
can not get snortsnarf working.  Below are the commands that I run, and the
error's
it produces.  All were installed using ports - OpenBSD Version 3.1

Terry

# cd /usr/local/snortsnarf
#/usr/local/snortsnarf/snortsnarf.pl -d
/var/www/htdocs/snort -refresh=30 -rulesfile /etc/snort.conf -rulesdir
/usr/local/share/examples/snort/ /var/www/htdocs/snort


/usr/libdata/perl5/i386-openbsd/5.6.1
/usr/local/libdata/perl5/i386-openbsd/5.6.1 /usr/libdata/perl5
/usr/local/libdata/perl5 /usr/local/libdata/perl5/site_perl/i386-openbsd
/usr/libdata/perl5/site_perl/i386-openbsd /usr/local/libdata/perl5/site_perl
/usr/libdata/perl5/site_perl /usr/local/lib/perl5/site_perl .
./include/SnortSnarf) at TimeFilters.pm line 18.
BEGIN failed--compilation aborted at TimeFilters.pm line 18.
Compilation failed in require at Filter.pm line 19.
BEGIN failed--compilation aborted at Filter.pm line 19.
Compilation failed in require at /usr/local/snortsnarf/snortsnarf.pl line
87.
BEGIN failed--compilation aborted at /usr/local/snortsnarf/snortsnarf.pl
line 87.

 
 
 

Need help with snortsnarf

Post by Sean » Sat, 21 Sep 2002 21:50:27


Looks like you need to install that Perl module (Time::ParseDate).

  $ perl -MCPAN -e 'install Time::ParseDate'

HTH,
Sean

 
 
 

1. Help: SnortSnarf

Hi all,

I am trying to use SnortSnarf to view my logs from snort.  I am logging data
in the snort files at

/var/log/snort
alert                                667
portscan.log                    10

I can connect to SnortSnarf using a web browser but for the life of me I
cannot get any inputs.  I am using the configurations
outlined at
http://ibiblio.org/gferg/ldp/Snort-Statistics-HOWTO/configuration.htm...
SNARF-CONFIG
everything looks fine but it will not work..  Any suggestions, help,
comments no matter how small would be greatly appreciated.

Included below is what I get at the browser.  Is the SnortFileInput model
trying to read a file from /var/log/snort.alert?

0 alerts found using input module SnortFileInput, with sources:
  a.. /var/log/snort.alert

2. Can't detect aha1520b

3. problem installing snortsnarf

4. mrouted

5. snort - snortsnarf

6. subtract two date

7. Need help getting connected, bootp help needed

8. grep

9. ARCNET Drivers Needed for Linux...help help help!

10. <help>Linux newbies need help with CD and soundcard<help>

11. ARCNET Drivers Needed for Linux...help help help!

12. NEED Help on routing and Samba ! HELP HELP!!

13. need help with LaTex, help help