Snort mailing list archives
Re: loggin to mySQL
From: Guillaume <guillaume () sky fr>
Date: Mon, 18 Jun 2001 07:42:35 +0200
Blake Frantz wrote:
Hello,
I'm having a problem getting snort to log to mySQL. Everything is being
logged to /var/log/snort. Below are the details, any help is appreciated.
This is how I have loggin setup in my snort.conf:
ruletype log2mySQL
{
type log
output database: log, mysql, user=snort dbname=snort host=localhost
}
Check your rules : do you use "log2mySQL" facility instead of "alert" or "log" ? I.e : "alert tcp $EXTERNAL_NET any -> $HOME_NET 21 ....." Should be : "log2mySQL tcp $EXTERNAL_NET any -> $HOME_NET 21 ....." Guillaume. _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- spade reports Josh Gentry (Jun 16)
- Re: spade reports James Hoagland (Jun 17)
- loggin to mySQL Blake Frantz (Jun 17)
- RE: loggin to mySQL Jason Lewis (Jun 17)
- Re: loggin to mySQL Grant Parkinson (Jun 17)
- Re: loggin to mySQL Guillaume (Jun 17)
- loggin to mySQL Blake Frantz (Jun 17)
- Re: spade reports James Hoagland (Jun 17)