Snort mailing list archives
logging portscans to MySQL
From: Mike Diehn <mdiehn () vicinity com>
Date: Tue, 31 Jul 2001 19:01:02 -0400
I'm finding a bunch of "unique" signatures because all the spp_portscan events that I've (somehow) told snort to send to my SQL database have unique signatures. output database: alert_log, mysql, user=snort dbname=snort host=mysqlserver Dumb? I can't find clear documentation about the differences between alert_log, log, alert, etc. Thanks, Mike _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- logging portscans to MySQL Mike Diehn (Jul 31)
- Re: logging portscans to MySQL Jed Pickel (Jul 31)
- Re: logging portscans to MySQL Mike Diehn (Aug 01)
- Re: logging portscans to MySQL Jed Pickel (Jul 31)