Sensor Names

BASE-user
2008-01-09
2013-06-03
  • digitalfuzz

    digitalfuzz - 2008-01-09

    Hi guys,

    Please bear with me on these questions. I have recently set up 4 snort sensors and am using BASE 1.3.9. When I click on "search", I see two sensors listed. Where does BASE get it's information to populate those names? I currently have two sensors operating and two sensors turned off. So it sees the correct number of sensors, however the name it is giving them is incorrect. One is showing the IP address of my management NIC and the other shows unknown. It is also showing "eth0" for one sensor and "eth1" for the other. This is incorrect as both sensors have monitoring NIC's on eth0. I just need to know how to make BASE report the correct names for my sensors?

    Thanks in advance for any information you can give.

     
    • Juergen Leising

      Juergen Leising - 2008-01-10

      Hello digitalfuzz,

      > Where does BASE get it's information to populate those names?

      From the database. Its query is similar to something you can type in yourself on the command line (assuming you use mysql):

      mysql> select * from sensor;

      It is not BASE that fills in the wrong values. It is either snort itself or
      flop, barnyard, mudpit or whatever
      helper program you use to perform the
      inserts into the database. And the helper programs get their data from snort...

      Bye, bye

      Juergen

       

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks