Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort+database HOWTO???

From: Peter Bates <peter.bates () lshtm ac uk>
Date: Mon, 9 Jul 2001 16:18:39 +0100

Hello all...

Probably wiser to wait for the arrival of snort-1.8,
but I thought I'd explore logging to a PostgreSQL db.

I'm using the stock snort-1.7 (i.e. getting on a bit)
RPM, but rebuilt with postgresql option...

I have following line in snort.conf=

output database: log, postgresql, dbname=snort user=snort host=localhost
password=xxx

But all I get is:

Jul  9 16:11:09 sykes snort: database: Connection to database 'snort' failed

If I'm on the machine as the user 'snort', and
power up 'psql snort', I can do:

snort=> select * from event
snort-> ;
 sid | cid | signature | timestamp
-----+-----+-----------+-----------
(0 rows)

fine and dandy...

Can anyone point me to a really noddy HOWTO on
how to get the two working, or am I doing something
REALLY stupid?


Otherwise, I think I'll wait for the 'proper' release of 1.8...


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: