Re: ACID question ..

[Ken Gunderson <kgunders () teamcool net>]

On Tuesday 18 February 2003 10:20 am, David Alonso De La Vega Tapage 
wrote:
> Yes I mean that is this ..  but can't find the problem ..  so far .. 
> my Snort Box is a RH 7.2   but qhen I chech mi acid_conf.php 
> everithing appears ok ..
>
> in my /var/www/html/acid_conf.php
>
> $DBlib_path = " ";
> $DBtype = " mysql ";
>
> Alert DB conections parameters
>
> $alert_dbname = " snort ";
> $alert_host       = " 127.0.0.1 ";
> $alert_port       = " ";
> $alert_usr         = " snort ";
> $alert_passwd  = " xxxx ";
>
> Archive DB conections parameters
>
> $archive_dbname = " snort_archive ";
> $archive_host       = " 127.0.0.1 ";
> $archive_port       = " ";
> $archive_usr         = " snort_archive ";
> $archive_passwd  = " xxxx ";
>
> in all case ..  before  move my snort box to the aoutside  ACID can
> read right from the DB ..  but after when stay outside not ..    and
> I don't do any changes in acid_conf.php only  in snort.conf
>
> Thanx for all ideas .. !

enable logging on mysqld.  something like /etc/my.conf (adjust for rh):

log     = /var/log/mysql.log


or wherever you want to stash you log.  chown mysql.log to user running 
mysqld and restart you mysqld.  is acid connecting to db?  is snort 
connecting to db?

-- 
Best regards,

Ken Gunderson
PGP Key-- 9F5179FD

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
     -Benjamin Franklin, Historical Review of Pennsylvania.


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users