Snort mailing list archives
Question about Snort/ACID/MySQL and portscans
From: Snow Jacob C KPWA <JacobSC () kpt nuwc navy mil>
Date: Thu, 24 Apr 2003 13:04:22 -0700
Just a curious question when you have: output database: log, mysql, user=snort1 password=test_snort dbname=snort host=xxx.xxx.xxx.xxx port=3306 sensor_name=slave1 output database: alert, mysql, user=snort1 password=test_snort dbname=snort host=xxx.xxx.xxx.xxx port=3306 sensor_name=slave1 in the snort.conf file will you get alerts in the log file as well? I have installed the service with: snort /service /install -o -l d:/applications/snort/log -c d:/applications/snort/etc/snort.conf -d -i3 I am wondering why none of the port scans that happen are showing up in SQL they are showing up in a text document in the log folder. Hwo do I configure the port scans to go to mysql so I can view them with acid? I am using snort 1.91 on win2k/xp. The alerts work fine and I can view everything with acid, except the port scans. I can go into the log directory and see the port scan listing. Thank you, Jacob Snow jacobsc () kpt nuwc navy mil <mailto:jacobsc () kpt nuwc navy mil> (360)315-3487 NAVSEA Intern
Current thread:
- Question about Snort/ACID/MySQL and portscans Snow Jacob C KPWA (Apr 24)
- RE: Question about Snort/ACID/MySQL and portscans Michael Steele (Apr 24)
- <Possible follow-ups>
- RE: Question about Snort/ACID/MySQL and portscans Slighter, Tim (Apr 25)