Snort mailing list archives
I have a problem snort. Barnyard2 doesn't write log file to mysql. PLS HELP ME!!!
From: Serikjan Nurgaiv <n.seka_91 () yahoo com>
Date: Wed, 4 Sep 2013 21:44:37 -0700 (PDT)
When I start my services (snort, mysql, http, barnyard2), they start fine. Alerts are written in my log file (var/log/snort). But my database (mysql) is empty. I can see the alerts

[root@localhost Desktop]# vi /usr/local/snort/etc/snort.conf

var RULE_PATH /usr/local/snort/rules
var SO_RULE_PATH /usr/local/snort/so_rules
var PREPROC_RULE_PATH /usr/local/snort/preproc_rules
# If you are using reputation preprocessor set these
# Currently there is a bug with relative paths, they are relative to where snort is
# not relative to snort.conf like the above variables
# This is completely inconsistent with how other vars work, BUG 89986
# Set the absolute path appropriately
var WHITE_LIST_PATH /usr/local/snort/rules
var BLACK_LIST_PATH /usr/local/snort/rules
var CONF_PATH /usr/local/etc/snort
var LIB_PATH /usr/local/lib
var SORULE_PATH $CONF_PATH/so_rules

[root@localhost Desktop]# vi /etc/snort/barnyard.conf

output unified2: filename snort.u2, limit 128
config reference_file: /etc/snort/reference.config
config classification_file: /etc/snort/classification.config
config gen_file: /etc/snort/gen-msg.map
config sid_file: /etc/snort/sid-msg.map
config hostname: localhost
config interface: eth0
output database: log, mysql, user=snort password=snort dbname=snort host=localhost

But my database is empty

mysql> use snort;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> select * from event;
Empty set (0.00 sec)

mysql>

And I configured BASE SYSTEM. Also can't connect to mysql.
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!