[Snort-users] Error in Postgres dbase
This is a discussion on [Snort-users] Error in Postgres dbase within the Snort forums, part of the System Security and Security Related category; This is a multi-part message in MIME format. ------=_NextPart_000_0022_01C4FD91.20B5FF20 Content-Type: text/plain; charset="iso-8859-1&...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
01-18-2005
|
|||
|
|||
[Snort-users] Error in Postgres dbase
This is a multi-part message in MIME format.
------=_NextPart_000_0022_01C4FD91.20B5FF20 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hello, Can somebody help me resolve this error; ERROR: Cannot insert a duplicate key into unique index event_pkey The error occured when i tried to use this command to log alerts on my = ACID using Postgres. (snort -c /etc/snort/snort.conf -i eth1 -D). It logs the alert but some = rules wont take effect (like blocking of web sites) However, all of my rules works perfectly fine when i used this command = "snort -c /etc/snort/snort.conf -i eth2 -A fast -D".=20 The only problem is it wont log to ACID, the logs goes to my = /var/log/snort folder instead. Any help will be highly appreciated..thanks -reynald ------=_NextPart_000_0022_01C4FD91.20B5FF20 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 6.00.2800.1476" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT face=3DArial size=3D2>Hello,</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>Can somebody help me resolve this=20 error;</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial color=3D#ff0000 size=3D2>ERROR: Cannot = insert a=20 duplicate key into unique index event_pkey</FONT></DIV> <DIV><FONT face=3DArial color=3D#ff0000 size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>The error occured when i tried to use = this command=20 to log alerts on my ACID using Postgres.</FONT></DIV> <DIV><FONT face=3DArial size=3D2>(<FONT color=3D#000080>snort -c = /etc/snort/snort.conf=20 -i eth1 -D</FONT>). It logs the alert but some rules wont take effect = (like=20 blocking of web sites)</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>However, all of my rules works = perfectly fine when=20 i used this command "<FONT color=3D#000080>snort -c = /etc/snort/snort.conf -i eth2=20 -A fast -D</FONT>". </FONT></DIV> <DIV><FONT face=3DArial size=3D2>The only problem is it wont log to = ACID, the logs goes to my /var/log/snort folder = instead.</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>Any help will be highly=20 appreciated..thanks</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>-reynald</FONT></DIV></BODY></HTML> ------=_NextPart_000_0022_01C4FD91.20B5FF20-- ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
