3. Snort Active Checker

Snort Active Checker

  • J

    How would someone go about creating  a Snort monitoring script. In a nutshell if snort was to fail for any reason or whatever, create a script that would try to re-enable it keep some sort of log say try 3 times then if it really won't work cancel the operation and stop.

    I just wondered how would someone go about actually creating a script to do this?

    0
  • J
     

    
#!/bin/sh
SERVICE=snort
if P=$(/usr/bin/pgrep $SERVICE)
then
	/bin/echo "$SERVICE is running, PID is $P"
else
	/usr/local/etc/rc.d/snort.sh start
fi

    Run it via cron every minute.

    0
  • E

    Why snort would fail?
    I have plans to use snort -T to test a config before trying to restart snort but still have not gotten to finish that.

    0
  • J

    Snort does not fail any more. I used that script during last weeks test phases where it often crashed.
    Just posted it because j.smith1981 asked.

    0
  • J

    Oh thank you ever so much for that, probably me being lazy as per usual to actually go back in and keep re-enabling it (or usually when I forget to check if its running) ;D

    Thank you ever so much and I will give that a whirl!

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy