Snort mailing list archives
Re: Logging to database and not to log directory
From: Gnik <gniknalu () sbcglobal net>
Date: Sat, 4 Oct 2003 07:39:25 -0700 (PDT)
Yeah - I struggled with that one for a while. . . . In the FAQ it says, "YOU MUST ALWAYS HAVE A LOGGING DIRECTORY SET VIA THE COMMAND LINE." I don't know why - but I DO know that when I don't set it, it doesn't work in Windows. Enjoy! Gnik --- "bluerain () pandora be" <bluerain () pandora be> wrote:
Hello, I've installed Snort 2.0.2 on Windows. I would like to log to a MS SQL database, and only to the database (not to the log directory). I've included these lines in snort.conf: config logdir: c:\Snort\log config interface: 1 output database: log, mssql, dbname=snort host=localhost user=sa password=xxx output log_null output database: alert, mssql, dbname=snort host=localhost user=sa password=xxx I run Snort using following command: snort -c snort.conf This is the error message I get: Running in IDS mode Log directory = log ERROR: [!] ERROR: Can not get write access to logging directory "log". How can I tell Snort to use only database logging ? It looks as if Snort is ignoring the config lines in my snort.conf file. The database is set up correctly but remains empty. Thanks, Niko
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Logging to database and not to log directory bluerain () pandora be (Oct 04)
- Re: Logging to database and not to log directory Gnik (Oct 04)