[sniffer] Re: Rule Database copy question
Hello Shawn, Wednesday, January 16, 2008, 2:26:14 PM, you wrote: Hello, I am using the latest beta version of Message Sniffer. I am asking this question because I thought I read this somewhere but I can not find where I read it. If I copy my rule database file to the c:\snf directory while SNFServer.exe is running, does SNFServer automatically load the new updated rule database? Yes. If so, how long does it usually take before SNFServer realizes that there is a new rule database that was copied to that directory? Within about a second of seeing the new file it will load and check the new rulebase. If there is something wrong with the rulebase file it will keep the current rulebase active until a better one shows up. Is there anyway to verify that SNFServer has loaded the latest rule database that was copied? I know I can run a SNF2check.exe on the rule database to check the file before I copy it, but it would be great to know if SNFServer.exe has loaded the latest copy that I have copied to the c:\snf directory. SNFServer will indicate that the new rulebase was loaded in it's log file. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Rule Database copy question
It appears that both the reload and the rotate options in the sniffer executable are still accepted by SNFClient.exe but are deprecated, as neither parameter appears in the help or in the contextual help when SNFClient.exe is run without parameters. Andrew. From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Wednesday, January 16, 2008 11:41 AM To: Message Sniffer Community Subject: [sniffer] Re: Rule Database copy question Hello Shawn, Wednesday, January 16, 2008, 2:26:14 PM, you wrote: Hello, I am using the latest beta version of Message Sniffer. I am asking this question because I thought I read this somewhere but I can not find where I read it. If I copy my rule database file to the c:\snf directory while SNFServer.exe is running, does SNFServer automatically load the new updated rule database? Yes. If so, how long does it usually take before SNFServer realizes that there is a new rule database that was copied to that directory? Within about a second of seeing the new file it will load and check the new rulebase. If there is something wrong with the rulebase file it will keep the current rulebase active until a better one shows up. Is there anyway to verify that SNFServer has loaded the latest rule database that was copied? I know I can run a SNF2check.exe on the rule database to check the file before I copy it, but it would be great to know if SNFServer.exe has loaded the latest copy that I have copied to the c:\snf directory. SNFServer will indicate that the new rulebase was loaded in it's log file. Hope this helps, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Rule Database copy question
Thanks for the response, Pete! I was using both parameters in my scheduled pattern download script, which would tell Sniffer that there was a new pattern, and would rotate the logs before uploading them back to you. With the new (beta) version, both extras have become redundant, so I've removed them from my script. Andrew. From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Wednesday, January 16, 2008 12:43 PM To: Message Sniffer Community Subject: [sniffer] Re: Rule Database copy question Hello Andrew, Wednesday, January 16, 2008, 3:02:16 PM, you wrote: It appears that both the reload and the rotate options in the sniffer executable are still accepted by SNFClient.exe but are deprecated, as neither parameter appears in the help or in the contextual help when SNFClient.exe is run without parameters. True -- if you called the SNFClient with rotate or reload then it would interpret those as the names of files to scan; would most likely not find them; and would produce a harmless error in the log file. SNFServer automatically reloads configuration files and rulebase files when they are altered or replaced. SNFServer can rotate log files on a per-day basis by including a date stamp in their name. If you move a log file manually or by a script then a new one will be created as needed. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
