Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: MySql Question

From: Guillaume <guillaume () anteria fr>
Date: Sun, 11 Nov 2001 16:11:08 +0100 (CET)
En réponse à olliecat <olliecat () bellatlantic net>:


I am logging to mysql just fine and I would rather not log anywhere
else.  How can I do this?  I also noticed, when starting from the
command line, I must specify a log file path otherwise I get:

"[!] ERROR: Can not get write access to logging directory
"/var/log/snort".
(directory doesn't exist or permissions are set incorrectly
or it is not a directory at all)

Fatal Error, Quitting.."

Its right, there is no /var/log/snort because I want everything in the
mysql database.  Am I missing something?

Thanks.


Hi.

I noticed quite the same thing: I only use MySQL to log alerts and all snort's
outputs, but snort seems to need some place on th:e filesystem (like
/var/log/snort).
I also noticed that if, for a reason or antother, snort can not connect to the
MySQL DB anymore, it switches to filesystem logging, i.e. logging alerts in
/var/log/snort directory. I would prefer when using MySQL for logging that snort
just stops logging instead... or, better, be able to use a backup MySQL server.

Guillaume.

**********************************
Sent with HORDE/IMP

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: