Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: MarkR on August 05, 2005, 10:28:21 AM
-
Hi all.
I have installed snort and acid.
But it seems that it keeps restarting itself over and over again.(see log below- this log is repeated)
as anyone else had a problem with this???
My log file is increasing an increasing 160M!! logrotate seems to hang.
Aug 5 05:11:08 reygateway snortd: snort startup succeeded
Aug 5 05:11:08 reygateway snort: PID path stat checked out ok, PID path set to /var/run/
Aug 5 05:11:08 reygateway snort: Writing PID "26556" to file "/var/run//snort_eth1.pid"
Aug 5 05:11:08 reygateway snort: Parsing Rules file /etc/snort/snort.conf
Aug 5 05:11:08 reygateway snort: ,-----------[Flow Config]----------------------
Aug 5 05:11:08 reygateway snort: | Stats Interval: 0
Aug 5 05:11:08 reygateway snort: | Hash Method: 2
Aug 5 05:11:08 reygateway snort: | Memcap: 10485760
Aug 5 05:11:08 reygateway snort: | Rows : 4099
Aug 5 05:11:08 reygateway snort: | Overhead Bytes: 16400(%0.16)
Aug 5 05:11:08 reygateway snort: ----------------------------------------------
Aug 5 05:11:08 reygateway snort: HttpInspect Config:
Aug 5 05:11:08 reygateway snort: GLOBAL CONFIG
Aug 5 05:11:08 reygateway snort: Max Pipeline Requests: 0
Aug 5 05:11:08 reygateway snort: Inspection Type: STATELESS
-
I would seriously take that to the Snort forums. I had the same problem and removed snort for now because I dont have the time to deal with that situation right now..Mine would EAT disk space and logrotate would never stop running because it had so many logs to parce.
-
Just come back from my vacation to find that logrotate has been going on for 2 days, due to the snort logs. I am going to uninstall and wait and see what happens.