4. Check if snort is running

Check if snort is running

  • B

    I have found that snort wasn't running on several occasion, seemingly because of some kind of rules download error.  The last time was in this message:
    https://forum.pfsense.org/index.php?topic=117233.0

    It was rather aggravating to always be in the dark as to whether snort intrusion protection was running.  I have written a quick bash script that checks every minute to see if snort is running and puts out 6 alternating beeps on my controller when snort isn't found in a top list.  Cron has to be installed.

    #!/usr/local/bin/bash

    snortwarn.sh

    cron line: */1 * * * * /usr/local/bin/snortwarn.sh

    export PATH=$PATH:/usr/local/bin

    top -n 1000 > /etc/dummy.txt

    if [[ $(grep -cw "snort" /etc/dummy.txt) -eq 0 ]]; then
      beep -p 2600 50
      beep -p 2800 50
      beep -p 2600 50
      beep -p 2800 50
      beep -p 2600 50
      beep -p 2800 50
    fi

    rm /etc/dummy.txt

    exit 0

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy