Snort mailing list archives
RE: Logging to Both Syslog and MySql
From: "Uhte, Russ" <RussU () RP-L com>
Date: Thu, 19 Sep 2002 14:47:26 -0500
Dave What has to be done is to recompile the snort code .... Or get a copy of the recompiled Snort code that tells snort not to override other outputs when starting with the -s switch... And then start snort from the command line with -s xxx.xxx.xxx.xxx:514 I might still have a copy of the recompiled snort.exe lying around somewhere if you're interested. However, with the recompiled version, I couldn't start snort as a service, so I choose not to use it!! -Russ -----Original Message----- From: doswald () nexterna com [mailto:doswald () nexterna com] Sent: Thursday, September 19, 2002 11:46 AM To: snort-users () lists sourceforge net Subject: [Snort-users] Logging to Both Syslog and MySql I know this subject has been covered before..I have tried to do my homework by searching the archives but I still don't seem to be able to find the answer to this issue. I am running the 1.8 version of snort on Windows 2000 server and I am trying to log both to a remote MySQL database and a remote syslog server with the following config in my snort.conf file output alert_syslog: LOG_AUTH LOG_ALERT host=172.16.9.38 output database: log, mysql, user=snort password=snort dbname=snort host=172.16.9.38 sensor_name=ids1 I do get information in database but not my syslog server, what am I missing ? Is this possible ? Thanks for any help in advance Dave ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users --- [This E-mail scanned for viruses by Declude Virus] --- CONFIDENTIALITY NOTICE: This email and any attachments are for the exclusive and confidential use of the intended recipient. If you are not the intended recipient, please do not read, distribute or take action in reliance upon this message. If you have received this in error, please notify us immediately by return email and promptly delete this message and its attachments from your computer system. --- ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Logging to Both Syslog and MySql doswald (Sep 19)
- Re: Logging to Both Syslog and MySql twig les (Sep 19)
- <Possible follow-ups>
- RE: Logging to Both Syslog and MySql Uhte, Russ (Sep 19)