No journal files were opened due to insufficient permissions.

QuestionsCategory: QuestionsNo journal files were opened due to insufficient permissions.
sato asked 1 year ago

Hi.
I have snowl installed, I have created a sensor but
snort does not start due to a permission problem.

No journal files were opened due to insufficient permissions. error snort not started

 
I use debian 10
Any help is welcome.

Thank you

2 Answers
Snowl team Staff answered 1 year ago

Hello Sato,
I see you have installed snowl without any instruction from snowl team. Maybe you did not fix snowl rights as described for Ubuntu:
Then, you need to set rights for operation of Snowl-sensor with Snort (starting/stopping). For this purpose, run:
/opt/snowl-sensor/snowl-snort fix
This script will replace Snort owner group with snort group so that only members of the group could run Snort and will add a snowl user to the snort group.
Please, try this and write here about results
Yesterday I began to write instruction for debian 10. I think it needs a couple of days.

Snowl team Staff answered 1 year ago

Hello Sato,

now you can use instruction and also autoinstallation script for debian from here: snowl.io/downloads/
This screenshot shows working Snowl under debian after applying autoinstallation script
snowl-under-debian10