Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: MISC IP Reserved bit set

From: Martin Roesch <roesch () sourcefire com>
Date: Sun, 14 Oct 2001 23:47:44 -0400
PS .. how do i figure out why the snort alerts are not getting into my
mysql database even when i have the following line in the snort.conf?

# database: log to a variety of databases
# See the README.database file for more information about configuring
 output database: log, mysql, user=user dbname=snort host=localhost


Set it to 

output database: alert, mysql, user=user dbname=snort host=localhost
                 ^^^^^


when i do a process listing in mysql it seems that snort  is no longer
logged in from localhost after some time elapses.


Dunno about that one, ask Jed/Roman...


Also has anyone figured out how to get portscans into the database?


As above.


     -Marty

--
Martin Roesch - President, Sourcefire Inc. - (410)552-6999
roesch () sourcefire com - http://www.sourcefire.com  
Snort: Open Source Network IDS - http://www.snort.org

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: