I just followed everything in: http://howtoforge.com/intrusion-detection-with-snort-mysql-apache2-on-ubuntu-7.10-updated and it seems like everything is running, but i have no data. What can I do to check? Is this real time, or does it take a little while?
No, not that I can see I'm looking at /var/log/snort/alert.log and /var/log/snort/snort.log.1205642011 and they're both empty. Where else should I look?