No journal files were opened due to insufficient permissions.
Hi.
I have snowl installed, I have created a sensor but
snort does not start due to a permission problem.
No journal files were opened due to insufficient permissions. error snort not started
I use debian 10
Any help is welcome.
Thank you
Hello Sato,
I see you have installed snowl without any instruction from snowl team. Maybe you did not fix snowl rights as described for Ubuntu:
Then, you need to set rights for operation of Snowl-sensor with Snort (starting/stopping). For this purpose, run:
/opt/snowl-sensor/snowl-snort fix
This script will replace Snort owner group with snort group so that only members of the group could run Snort and will add a snowl user to the snort group.
Please, try this and write here about results
Yesterday I began to write instruction for debian 10. I think it needs a couple of days.
Hello Sato,
now you can use instruction and also autoinstallation script for debian from here: snowl.io/downloads/
This screenshot shows working Snowl under debian after applying autoinstallation script