Snort mailing list archives
Re: snort(psql + acid)
From: Demetri Mouratis <dmourati () cm math uiuc edu>
Date: Thu, 14 Feb 2002 22:49:31 -0600 (CST)
Jonathan, I use snort+acid+postgresql to monitor a few networks at work. I recently setup a sysytem following instructions from: http://kellys.net/snort/ You should update the packages to the most current available but the instructions will still work. Good luck. On Thu, 14 Feb 2002, Jonathan wrote:
Hello, I'm fairly new to snort but am learning. I have no problems with snortsnarf which is helpful to sift through a lot of logs. Problem is, I took over for the guy that just left. He set up psql to log packets and now I'm stuck trying to use a database I know >nothing< about to get any useful information from these packets. I was told to try ACID, which I have set up but have some issues using. Everything is set up correctly, there just seems to be problems concerning authentication of a user accessing the db with afs and kerberos that we haven't been able to work out. To the point, I'm looking for some information, a website, anything to help me learn snort+psql and maybe acid. I found the postgresql docs but they are of little help if you don't know what to select in the snort-db (plus those docs look mostly like gibberish to me.. ack... :) ). Any help or suggestions would be appreciated. Frustrated, :) ~jonathan _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
--------------------------------------------------------------------- Demetri Mouratis dmourati () linfactory com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort(psql + acid) Jonathan (Feb 14)
- Re: snort(psql + acid) Demetri Mouratis (Feb 14)