[Oisf-users] Suricata / Snorby Events errors
Victor Julien
victor at inliniac.net
Tue Jan 3 11:38:58 UTC 2012
On 01/03/2012 12:14 PM, Amrith Z wrote:
>
> Hi All,
>
> I'm running Suricata with Snorby. The problem I have has already happened to me several times, and might come from Snorby, and not Suricata. What is happening is that by running Suricata, I do not see any alerts in the Events list of Snorby anymore.
> I see an alert in Snorby in the "Worker & Job Queue" section saying "Warning : the sensor cache job is not running". Nothing seems to change when I restart it with the interface. I found the /etc/init.d/worker script, but it doesn't work.
>
> Any ideas ?
I assume you have barnyard2 running as well in this setup. Can you check
if it is still running? Or restart it to see if that makes the events
flow again?
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list