Snort mailing list archives

Re: Snort and MySQL


From: Joao Daniel Neves <joaodanielnevesss () hotmail com>
Date: Tue, 25 Sep 2012 17:10:44 +0300


Just for documenting:

I resolved the problem: 

    BARNYARD2-1.9 was not finding the MySQL libraries because it was compiled for a 64-bit architecture. The OS had been using 32-bit MySQL libraries.

    I uninstalled those 32-bit MySQL libraries and installed the 64-bit version.

Of course, when I compiled BARNYARD2-1.9, I needed to 'say' where to look for the newly installed libraries.

From: jesler () sourcefire com
Date: Fri, 21 Sep 2012 14:57:52 -0400
To: jthoel () gmail com
CC: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Snort and MySQL

http://blog.snort.org/2011/06/snorts-output-methods.html

--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire

On Sep 21, 2012, at 2:47 PM, Jeremy Hoel <jthoel () gmail com> wrote:

The reason behind it, as best I can summarize, is that Snort is an
IDS/IPS and its job is to generate alerts as quickly as possible.  So
Snort outputs to unified and syslog and that's about it.  Then you use
other tools to take the unified files and send them somewhere.  This
allows Snort to work faster and focus on its one task vs. worrying
about DB connections, etc.



On Fri, Sep 21, 2012 at 4:43 PM, PR <oly562 () gmail com> wrote:
Whose bright idea was that, by the way? Reasons??? Due to DAQ? Just
curious. Thanks, it helps me understand things more.

On Fri, 2012-09-21 at 08:12 -0400, Jack wrote:
Snort cannot output directly to MySQL anymore. It is required to use
Barnyard2 in order to use MySQL databases with Snort now.

On Fri, Sep 21, 2012 at 7:20 AM, Joao Daniel Neves
<joaodanielnevesss () hotmail com> wrote:

Hi,

I installed MySQL via RPM on CentOS 5.5.

[root@host ]# rpm -qa | grep mysql
mysql-5.0.77-4.el5_6.6

It is an x86 package. My OS is x86_64.

I have compiled Snort's dependencies for my system since there
aren't official RPM packages. I ran ldconfig.

Then I finally tried to install snort.

./configure --with-mysql
(a lot of output cut)
configure: WARNING: unrecognized options: --with-mysql

My question: How to compile Snort to use MySQL?


------------------------------------------------------------------------------
Got visibility?
Most devs has no idea what their production app looks like.
Find out how fast your code is with AppDynamics Lite.
http://ad.doubleclick.net/clk;262219671;13503038;y?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort
news!
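
The mismatch reported at the top of this thread (a 64-bit Barnyard2 build looking at 32-bit MySQL client libraries) can be caught before compiling by reading the ELF class byte of the library. This is an added example, not part of the original thread; the function names and sample file names are hypothetical, and the sample files are constructed headers rather than real libraries.

```shell
#!/bin/sh
# Added example: decide whether a shared library is a 32-bit or 64-bit ELF
# object by reading EI_CLASS (the fifth byte of the ELF header).

# Print 32 or 64 for an ELF file; return 1 for non-ELF or unreadable input.
elf_bits() {
    [ -r "$1" ] || return 1
    magic=$(od -An -tx1 -N4 "$1" | tr -d ' \n')
    [ "$magic" = "7f454c46" ] || return 1
    class=$(od -An -tu1 -j4 -N1 "$1" | tr -d ' \n')
    case "$class" in
        1) echo 32 ;;
        2) echo 64 ;;
        *) return 1 ;;
    esac
}

# Succeed only if the library's word size equals the build target's.
# $1 = library path, $2 = target bits (default: this host's LONG_BIT).
lib_matches_build() {
    want=${2:-$(getconf LONG_BIT)}
    have=$(elf_bits "$1") || { echo "$1: not an ELF object" >&2; return 2; }
    if [ "$have" != "$want" ]; then
        echo "$1: ${have}-bit library, ${want}-bit build" >&2
        return 1
    fi
}

# Constructed sample headers (magic + EI_CLASS only), not real libraries.
# The file names are hypothetical.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf '\177ELF\001' > "$demo_dir/libmysqlclient32.so"
printf '\177ELF\002' > "$demo_dir/libmysqlclient64.so"
printf 'not elf' > "$demo_dir/readme.txt"

# The situation from the thread: 64-bit build, 32-bit library on disk.
lib_matches_build "$demo_dir/libmysqlclient32.so" 64 || echo "mismatch detected"
```

On a real host, point `lib_matches_build` at the MySQL client library the build would link against before running `./configure`.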




