Menu
▾
▴
[Os-sim-devel] Ossim-server debug error
|
From: Jon U. <jur...@ya...> - 2008-01-30 21:37:20
|
Hi all, From time to time, snortunified events reset the socket between server=20 and sensor... Seems that the event sent is bigger than it should (more=20 than the reserved buffer??)... Here is the debug log: ****** 2008-01-30 19:19:33 OSSIM-Debug: sim_session_read: Buffer: snort-event=20 sensor=3D"172.22.17.60" interface=3D"eth1"=20 gzipdata=3D"789cd556db6edb3810fd15c3ef0d28cef0a205fc2d812c525963b3b12bab2= df2f77bce507612d71b14dda7adab581ccee5cc19ced0cbeba9eeb6a52e755c8ef3765386= 056bef5cfee2ba2fe2365dff07fefbb8dd9c5f8ef3f2f87428bb6dd7f597f5d9d6d7edb97= ec7f2b21a9f87f3f9301dc661391c5f765b77d938cd87e37c585e775bd96e36a761fcab2e= 8f8b61399cb69bc3e9f17b9d775bb5d73fcbfc5c611d6cb51ccfe608af26edd4b7158178e= d53b6d5719ace752134c9cdcdb23cefb6b1bd9fe6e372c4ca16e3f9dbdfdc91d8dbfa3c8f= b04bfec1fb07e91f727358cef4d62ba4fa10e383079ccd3242fd848c9048e8029c53529a2= 4bb8b46fd8a7d1f33684dc4472172864a08d16bccabe115b4cfabe9f43c3c9d1bc14df0e3= f0528e3f404656d78c1a7cdf6b5e3d7f9b9f4ecb6c2435afa7e5852af2b61e8fa55a9dd6b= 531e9aecbd3f0fa7c1cc0e77fb7c81f2df2cf162ea6ba1fcaa06e98465ffdeae1ba1f9c4e= 4102caeca7d8c5118f44942769ecfc945cf23140d2c7c957c80592ec9de6a0f8c0463a5fc= 5b9e206a5a5c4000d95c13bd814784b31c073c22afaf1a3149e4acad1c71ed1204dee5623= 0ec9217efac9d27dd88125562334885d8936d6d5bfc48c95c47d4ad88bb02e31324fee7c6= a1d638d8aace103360148915d1c7fdd061a13a206b08937e8d4a49f59d30afa1338373d3f= f8c90fe436b00a919ef818bb39293e4ea88328fc87b87d340df81bf04d240148ee5496ace= 00df998c6b5b6b795f4456959634aa1b16fd161639a42e4e687b995a0a9675d4ca7c06264= 76c9b5b8881a2dbb023ed532ef640f4de0856e35994fbd60ff773e923066324601f088442= f9d00a620a8f83b793122f1937fe46798531a88d7aaa4c6f9683883550159935dd81a13cc= 99565a801f76d01dc9ad287b02f5cbe6bf58fe6ab501dbcc584b10ed3578a0a32e6521190= ee59941459c5676a504ec1b4be8d2d8de7cd5aa81bb2a3a060f2d76211f15112fdef7962f= 6b2c0de3e727e45e2d51f76075c704a5077806b7d219139c0be4001d69bc55cc87c2f315d= 96fe1ea6f8a7b445ccf0cb4bac601ea545a2e7165d2664c270594e3dbb09103430ad6e1c5= b483cd00300d7bac911d4849ec30c6be48d773cdd34664164b2400bf0343d468738db106d= bef21373cdae91e0f2a8ccb4e2d4b6f78ba569b0beef77ac4aa37795cb36b1938e00cd67b= f0a0b848756a5e50d56b3d0326317d256913019ec113fb14b3a743e6cc21589f46ceb214b= 9660ce1744a5c49583baa757cb599c5988a1cad7e121561dea2e324069a111370f48a6dec= 748a5b816f385205e74c90ab2a0061f0773a6295748fdba3070f28382ca9c1ccaa0e765ea= 780ae6e93ddf8e844ad02ac4358 2008-01-30 19:19:33 OSSIM-Message: Received error. Inconsistent data=20 entry, closing socket. Received:2048 Buffer lenght: 2047: 0: Success 2008-01-30 19:19:33 OSSIM-Message: Session Sensor : REMOVED 2008-01-30 19:19:33 OSSIM-Message: Removed IP: 172.22.17.60= 2008-01-30 19:19:33 OSSIM-Message: Session Removed ****** Thanx, Jon |
