Re: Storing ALL Data from honeywall CDROM Roo version

[Jaime Sotelo <1jasotel () gmail com>]

Thanx for the warnings.

Now I'm already importing syslog-ng and firewall logs.Just some problems
yet.

When trying to see the logs in the HSC I get an

"Error connecting to the Database. Table 'aw_hsc.asc_collector' doesn't
exist." I'm not sure, but I think this is something related to the ASC
program. But I'm using HSC, so I don't know what's the meaning of this
error.

I can import data from snort, too, but I get this in the HSC:

"Error Connecting to the Database. You have an error in your SQL syntax near
'(signature.sig_priority AS CHAR)AS 'Priority', sig_name AS 'Event Name',
CAST (i' at line 1"

Thanks to all for the precious help. I'll try to make a good documentation
of what I'm doing to contribute to help the newbies like me.

Note: Both errors occur only when I click on the "Event Overview" section.

I wonder if it's because I'm using MySQL v3.23.58, wich I need for
compatibility with the linux client at the roo honeywall.

I've executed the mysql schemas provided with the HSC and Snort 2.4.3. So no
human error is possible from that part.

Finally (last but not least) I get an strange  error in the honeywall. After
some time of execution, when I try to login appears this message

*** glibc detected *** double free or corruption (!prev): 0x099bd680 ***

Canging the hex number each time I try to login. Also, the MySQL daemon
don't start due to a problem (error 2002) to connect to the local MySQL
server, because it don't find the socket. Consequently, the hflowd and
Walleye cant start, too. Well, I fix it all (mysql and glibc problem)
reinstalling the honeywall, but well... it isn't the smartest way, I think.