Snort mailing list archives
Re: Snort + Acid w/ MySQL question(s)
From: "Koaps" <koaps () 2nutz com>
Date: Thu, 10 May 2001 14:48:04 -0700
I am having problems with Snort Logging to mysql too Orginally I had Snort and MySQL on the same OpenBSD box, this caused MySQL to crash, alot... So I installed MySQL on a windows box, which also runs Snort Locally, Amazingly the windows based Snort/MySQL/ACID works perfectly, and the OpenBSD snort trying to log to MySQL on windows is failing to write alerts... just my two cents worth of crap.... L8rZ, )\_/( < o,0 > ~ \ / KoAps ----- Original Message ----- From: "alexus" <ml () db nexgen com> To: <roman () danyliw com> Cc: <snort-users () lists sourceforge net> Sent: Thursday, May 10, 2001 2:26 PM Subject: Re: [Snort-users] Snort + Acid w/ MySQL question(s) mysql> select * from user where user='alexus'; +-----------+--------+------------------+-------------+-------------+------- ------+-------------+-------------+-----------+-------------+--------------- +--------------+-----------+------------+-----------------+------------+---- --------+ | Host | User | Password | Select_priv | Insert_priv | Update_priv | Delete_priv | Create_priv | Drop_priv | Reload_priv | Shutdown_priv | Process_priv | File_priv | Grant_priv | References_priv | Index_priv | Alter_priv | +-----------+--------+------------------+-------------+-------------+------- ------+-------------+-------------+-----------+-------------+--------------- +--------------+-----------+------------+-----------------+------------+---- --------+ | localhost | alexus | 34484ed463a66850 | Y | Y | N | Y | N | N | N | N | N | N | N | N | N | N | +-----------+--------+------------------+-------------+-------------+------- ------+-------------+-------------+-----------+-------------+--------------- +--------------+-----------+------------+-----------------+------------+---- --------+ 1 row in set (0.00 sec) mysql> i copy and paste mysql output to show you that i do have all right privileges i also upgrade acid to 0.9.6b9 (which is latest beta for today) it still doesn't work ----- Original Message ----- From: <roman () danyliw com> To: "alexus" <ml () db nexgen com> Cc: <snort-users () lists sourceforge net> Sent: Thursday, May 10, 2001 11:18 AM Subject: Re: [Snort-users] Snort + Acid w/ MySQL question(s)
One observation: - ACID 0.9.5 does not use ADODB. This DB abstraction was introduced in 0.9.6b2 (Jan 2001). Hence, this addition into acid_conf.php will be ignored. Two recommendations: - are you sure that you have CREATE permissions on the DB user set in acid_conf.php? If all else fails, try using the "create_acid_tbls_mysql.sql" to manually create the ACID tables. - upgrade to a more recent version of ACID => 0.9.6b9. There are significant feature improvements as well as bug fixes. If you prefer an older version, upgrade to at least 0.9.6b1 for it has a number of important bug fixes cheers, RomanI'm using the following: FreeBSD 4.3 - RELEASE (STABLE) ACID-0.9.5 - RELEASE (STABLE) ADODB v1.0.1 - RELEASE (STABLE) PHP - 4.0.5 - RELEASE (STABLE) APACHE - 1.3.19 - RELEASE (STABLE) SNORT - 1.7 - RELEASE (STABLE) to compile snort i used following line: ../configure --with-mysql=/usr/local/mysql;make;make install i did change acid_conf.php i put path to adodb in adodb i put local path in adodb.inc.php when i go to http://localhost/acid it redirects me to acid_main.php and
when
it gets there i get this: The underlying database alexus@localhost apears to be invalid. The database version is valid, but the ACID DB structure (table:
acid_ag) is
not present. Use the Setup page to configure and optimize the DB when i click on "Setup page" in status window i get "DONE" for "Search Indexes" and i have "Create
ACID
AG" for "ACID tables" i'm assuming i need to click on "Create ACID AG",
when
I do that nothing happenes, it won't disappear or it won't change status
to
"DONE".. what am i missing? _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users--------------------------------------------- This message was sent using Voicenet WebMail. http://www.voicenet.com/webmail/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort + Acid w/ MySQL question(s) alexus (May 10)
- <Possible follow-ups>
- Re: Snort + Acid w/ MySQL question(s) roman (May 10)
- Re: Snort + Acid w/ MySQL question(s) alexus (May 10)
- Re: Snort + Acid w/ MySQL question(s) Koaps (May 10)
- Re: Snort + Acid w/ MySQL question(s) roman (May 10)
- Re: Snort + Acid w/ MySQL question(s) alexus (May 11)
- Re: Snort + Acid w/ MySQL question(s) roman (May 11)
- Re: Snort + Acid w/ MySQL question(s) alexus (May 11)
- Re: Snort + Acid w/ MySQL question(s) alexus (May 11)
- Re: Snort + Acid w/ MySQL question(s) alexus (May 11)
- Re: Snort + Acid w/ MySQL question(s) roman (May 11)
- Re: Snort + Acid w/ MySQL question(s) roman (May 11)
- Re: Snort + Acid w/ MySQL question(s) roman (May 11)
- Re: Snort + Acid w/ MySQL question(s) alexus (May 11)
(Thread continues...)