Home / Browse / Snort / Mail / Archive

Snort

Email Archive: snort-users (read-only)

2000:	_Jan	_Feb	_Mar	_Apr	_May	_Jun	_Jul (301)	_Aug (485)	_Sep (357)	_Oct (522)	_Nov (471)	_Dec (473)
2001:	_Jan (755)	_Feb (787)	_Mar (970)	_Apr (833)	_May (752)	_Jun (706)	_Jul (883)	_Aug (1302)	_Sep (926)	_Oct (947)	_Nov (1033)	_Dec (660)
2002:	_Jan (851)	_Feb (1022)	_Mar (1023)	_Apr (1005)	_May (764)	_Jun (723)	_Jul (918)	_Aug (866)	_Sep (792)	_Oct (1082)	_Nov (833)	_Dec (652)
2003:	_Jan (1097)	_Feb (946)	_Mar (1072)	_Apr (1369)	_May (750)	_Jun (919)	_Jul (695)	_Aug (1010)	_Sep (598)	_Oct (852)	_Nov (673)	_Dec (640)
2004:	_Jan (631)	_Feb (608)	_Mar (680)	_Apr (695)	_May (547)	_Jun (562)	_Jul (560)	_Aug (552)	_Sep (614)	_Oct (516)	_Nov (443)	_Dec (437)
2005:	_Jan (473)	_Feb (489)	_Mar (723)	_Apr (320)	_May (218)	_Jun (188)	_Jul (182)	_Aug (288)	_Sep (308)	_Oct (295)	_Nov (200)	_Dec (120)
2006:	_Jan (128)	_Feb (135)	_Mar (130)	_Apr (225)	_May (172)	_Jun (121)	_Jul (121)	_Aug (118)	_Sep (169)	_Oct (136)	_Nov (133)	_Dec (62)
2007:	_Jan (98)	_Feb (59)	_Mar (62)	_Apr (95)	_May (111)	_Jun (89)	_Jul (124)	_Aug (183)	_Sep (72)	_Oct (81)	_Nov (96)	_Dec (106)
2008:	_Jan (89)	_Feb (105)	_Mar (83)	_Apr (86)	_May (92)	_Jun (84)	_Jul (133)	_Aug (53)	_Sep (47)	_Oct (141)	_Nov (54)	_Dec (85)
2009:	_Jan (137)	_Feb (82)	_Mar (134)	_Apr (278)	_May (167)	_Jun (180)	_Jul (166)	_Aug (99)	_Sep (169)	_Oct (150)	_Nov (171)	_Dec (65)
2010:	_Jan (114)	_Feb (225)	_Mar (214)	_Apr (314)	_May (209)	_Jun (199)	_Jul (323)	_Aug (215)	_Sep (190)	_Oct (316)	_Nov (174)	_Dec (289)
2011:	_Jan (434)	_Feb (404)	_Mar (341)	_Apr (232)	_May (232)	_Jun (119)	_Jul (181)	_Aug (184)	_Sep (144)	_Oct (156)	_Nov (145)	_Dec (176)
2012:	_Jan (233)	_Feb (177)	_Mar (167)	_Apr (167)	_May (231)	_Jun (167)	_Jul (299)	_Aug (350)	_Sep (323)	_Oct (563)	_Nov (432)	_Dec (322)
2013:	_Jan (278)	_Feb (325)	_Mar (399)	_Apr (359)	_May (469)	_Jun (180)	_Jul	_Aug	_Sep	_Oct	_Nov	_Dec

[Snort-users] Error in Postgres dbase

From: reynald <rtm@cy...> - 2005-01-18 11:02

Attachments: Message as HTML

Hello,

Can somebody help me resolve this error;

ERROR:  Cannot insert a duplicate key into unique index event_pkey

The error occured when i tried to use this command to log alerts on my =
ACID using Postgres.
(snort -c /etc/snort/snort.conf -i eth1 -D). It logs the alert but some =
rules wont take effect (like blocking of web sites)

However, all of my rules works perfectly fine when i used this command =
"snort -c /etc/snort/snort.conf -i eth2 -A fast -D".=20
The only problem is it wont log to ACID, the logs goes to my =
/var/log/snort folder instead.

Any help will be highly appreciated..thanks

-reynald

Re: [Snort-users] Error in Postgres dbase

From: Kevin Johnson <kjohnson@se...> - 2005-01-18 12:03

On Tue, 2005-01-18 at 06:08, reynald wrote:
> Hello,
>  
> Can somebody help me resolve this error;
>  
> ERROR:  Cannot insert a duplicate key into unique index event_pkey
>  
> The error occured when i tried to use this command to log alerts on my
> ACID using Postgres.
> (snort -c /etc/snort/snort.conf -i eth1 -D). It logs the alert but
> some rules wont take effect (like blocking of web sites)
>  
> However, all of my rules works perfectly fine when i used this command
> "snort -c /etc/snort/snort.conf -i eth2 -A fast -D". 
> The only problem is it wont log to ACID, the logs goes to my
> /var/log/snort folder instead.
>  
> Any help will be highly appreciated..thanks
>  
> -reynald

Hi-

This problem has been around for a while.  BASE, which is a fork of ACID
has a patch in the latest version that fixes it.  If you would like,
upgrading from ACID to BASE is a very simple procedure.  Or if you would
like, I will dig through my email and send you the patch.  You would
need to modify it some before applying it, as BASE has changed the code.

Thanks
Kevin Johnson
-------------------
BASE Project Lead
http://sourceforge.net/projects/secureideas
http://base.secureideas.net
The next step in IDS analysis!