Snort mailing list archives

portscans and ACID

From: "Mike Macias" <mike.macias () caci-nsg com>
Date: Tue, 19 Mar 2002 15:58:12 -0500

I've been looking through the snort users archive and found plenty of documentation on how to get ACID to see 
portscans.  I've finally got things working, however I'm a little concerned about my solution.  In snort.conf I have 2 
output plugins specified:

output database: log, mysql, user=snort password=abcdef dbname=snort_db host=localhost 
output database: alert, mysql, user=snort password=abcdef dbname=snort_db host=localhost (so that ACID can see 
portscans)

Will having 2 outputs specified adversely affect any data in the MySQL db?

Current thread:

portscans and acid Basil Saragoza (Mar 13)
- <Possible follow-ups>
- RE: portscans and acid Chris Eidem (Mar 13)
- Re: portscans and acid Roman Danyliw (Mar 13)
  - Re: portscans and acid Basil Saragoza (Mar 14)
- portscans and ACID Mike Macias (Mar 19)
  - Re: portscans and ACID Omar McKenzie (Mar 21)