From: Troy R. <tro...@hr...> - 2004-03-31 23:33:53

Thanks for the note about the php-domxml rpm; after installing that, I can
look at the directives.  I am still not getting alerts into OSSIM, though,
and noticed this new problem.
I went through the installation instructions again and changed the
/etc/ossim/server/config.xml to this:

<?xml version='1.0' encoding='UTF-8' ?>
<config>
        <log filename="/tmp/ossim.log"/>
        <sensor name="server" ip="1.2.3.4" interface="eth0"/>
        <datasources>
                <datasource name="ossimDB" provider="MySQL" dsn="PORT=3306;USER=root;PASSWORD=xxxxxxxx;DATABASE=ossim;HOST=localhost"/>
                <datasource name="snortDB" provider="MySQL" dsn="PORT=3306;USER=root;PASSWORD=xxxxxxxx;DATABASE=snort;HOST=localhost"/>
        </datasources>
        <directive filename="/etc/ossim/server/directives.xml"/>
        <scheduler interval="15"/>
        <server port="40001"/>
</config>

and when I try to start ossim, I get the following error message:

(process:13827): GLib-GObject-CRITICAL **: file gobject.c: line 1337 (g_object_unref): assertion `G_IS_OBJECT (object)' failed

as well as this in the /tmp/ossim.log file:

file sim-container.c: line 380 (sim_container_db_get_recovery): assertion `database != NULL' failed

repeated over and over again.
The mysql database looks like this:

mysql> show databases;
+---------------+
| Database      |
+---------------+
| mysql         |
| ossim         |
| snort         |
| snort_archive |
| test          |
+---------------+
5 rows in set (0.02 sec)
mysql> use ossim;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> show tables;
+---------------------------+
| Tables_in_ossim           |
+---------------------------+
| alert                     |
| backlog                   |
| category                  |
| classification            |
| conf                      |
| control_panel_host        |
| control_panel_net         |
| host                      |
| host_mac                  |
| host_netbios              |
| host_os                   |
| host_plugin_sid           |
| host_qualification        |
| host_scan                 |
| host_sensor_reference     |
| host_services             |
| host_vulnerability        |
| net                       |
| net_host_reference        |
| net_qualification         |
| net_sensor_reference      |
| net_vulnerability         |
| plugin                    |
| plugin_reference          |
| plugin_sid                |
| policy                    |
| policy_host_reference     |
| policy_net_reference      |
| policy_port_reference     |
| policy_sensor_reference   |
| policy_sig_reference      |
| policy_time               |
| port                      |
| port_group                |
| port_group_reference      |
| protocol                  |
| rrd_anomalies             |
| rrd_anomalies_global      |
| rrd_conf                  |
| rrd_conf_global           |
| scan                      |
| sensor                    |
| signature                 |
| signature_group           |
| signature_group_reference |
+---------------------------+
45 rows in set (0.00 sec)
mysql> use snort;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> show tables;
+------------------+
| Tables_in_snort  |
+------------------+
| acid_ag          |
| acid_ag_alert    |
| acid_event       |
| acid_ip_cache    |
| data             |
| detail           |
| encoding         |
| event            |
| icmphdr          |
| iphdr            |
| opt              |
| ossim_event      |
| reference        |
| reference_system |
| schema           |
| sensor           |
| sig_class        |
| sig_reference    |
| signature        |
| tcphdr           |
| udphdr           |
+------------------+
21 rows in set (0.01 sec)

Any help would be appreciated!

Troy Rockwood  | Security is mostly a superstition.
Research Staff | It does not exist in nature . . .
HRL Labs       | Life is either a daring adventure
               | or nothing. -- Helen Keller