Hi to all,
I am a new bie so please bear with me. I have searched this forum for my problem but did not find the answer. Please help me.
OS - Gentoo
Snort - 22.214.171.124-r1
Base - 1.3.8
Adodb - 5.02
Database - Mysql/Postgresql
Snort is logging alerts to the database mysql without any problem. I do have a sensor added in sensor table.
select * from sensor;
sid | hostname | interface | filter | detail | encoding | last_cid
1 | 192.168.3.177 | eth2 | | 1 | 0 | 314916
I have installed BASE without any problem. It shows alerts without any problem when data are less in database. After 2 to 3 days BASE does not loads, its keeps rotating and only shows:-
Basic Analysis and Security Engine (BASE)
- Today's alerts: unique listing Source IP Destination IP
- Last 24 Hours alerts: unique listing Source IP Destination IP
- Last 72 Hours alerts: unique listing Source IP Destination IP
- Most recent 15 Alerts: any protocol TCP UDP ICMP
- Last Source Ports: any protocol TCP UDP
- Last Destination Ports: any protocol TCP UDP
- Most Frequent Source Ports: any protocol TCP UDP
- Most Frequent Destination Ports: any protocol TCP UDP
- Most frequent 15 Addresses: Source Destination
- Most recent 15 Unique Alerts
- Most frequent 5 Unique Alerts
My question is what should i do in order to load the BASE to show alerts logged in database.
First, I would recommend that you upgrade to the latest version. 1.3.8 has a number of bugs that have been fixed.
If that does not fix you issue, please send any error messages that appear in your HTTP server logs.
Log in to post a comment.
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.