Re: [Sguil-users] Unable to find matching rule in /nsm/sguild_data/rules/eve
Status: Beta
Brought to you by:
bamm
Menu
▾
▴
Re: [Sguil-users] Unable to find matching rule in /nsm/sguild_data/rules/eve
|
From: OlRoy O. <olr...@ya...> - 2007-01-29 23:32:00
|
Thanks Bamm, however that didn't work for me, but I'm new to *nix so maybe I did something wrong... I copied http://sguil.cvs.sourceforge.net/*checkout*/sguil/sguil/server/lib/SguildClientCmdRcvd.tcl to /usr/local/lib/sguild/ and now when I click on alerts Sguild says: pid(8257) Client Command Received: RuleRequest eve ICMP PING NMAP pid(8257) Sending sock14: InsertRuleData Unable to find matching rule in /nsm/sguild_data/rules/ICMP. pid(8257) Client Command Received: RuleRequest eve Snort Alert [1:2000000:0] pid(8257) Sending sock14: InsertRuleData Unable to find matching rule in /nsm/sguild_data/rules/Snort. Bamm Visscher <bam...@gm...> wrote: Your sid-msg.map was messed up so the right sig message isn't available. Try this patch: http://sguil.cvs.sourceforge.net/sguil/sguil/server/lib/SguildClientCmdRcvd.tcl?r1=1.21&r2=1.22 Bammkkkk --------------------------------- We won't tell. Get more on shows you hate to love (and love to hate): Yahoo! TV's Guilty Pleasures list. |