Snort mailing list archives
snort 1.7/ACID logging to MYSQL, but no signatures showing
From: "Keith & Rachel Murphy" <rae.murphy () verizon net>
Date: Fri, 17 Aug 2001 17:24:38 -0700
I am kind of new to snort. I had no problems installing it on a Debian based server (that is why it is running 1.7 instead of the latest). It appears to log everything to the /var/log/auth.log and /var/log/snort/* files. I decided to set up ACID to bring the web interface to the intrusion detection. ACID was simple to set up, it is now logging events to the database, in fact i can log into MySQL and "select * from event;" and see the events with IDS numbers and descriptions such as "RPC portmap" that indicate the snort knows what type of attack is being launched (right?). But, ACID never shows a Signature..it always shows a 0. What dumb thing am I doing :). Thanks, Keith
Current thread:
- snort 1.7/ACID logging to MYSQL, but no signatures showing Keith & Rachel Murphy (Aug 17)
- <Possible follow-ups>
- Re: snort 1.7/ACID logging to MYSQL, but no signatures showing roman (Aug 19)
- Re: snort 1.7/ACID logging to MYSQL, but no signatures showing Keith & Rachel Murphy (Aug 19)