Snort mailing list archives

Previous By Date Next
Previous By Thread Next

alert_full won't create subdirectories for ip addresses when mysql logging is enabled

From: Peter Schobel <drifter () zenfinity com>
Date: Thu, 28 Nov 2002 14:38:16 -0500

I have been searching the lists and have found a few posts on this problem but 
couldn't find any posts that described a resolution

I am using 

output alert_full

output alert_syslog: LOG_AUTH LOG_ALERT

and 

output database: log, mysql, user=user password=pass dbname=snortlogs 
host=localhost

as soon as I turn on the database output, the ip address subdirectories in 
/var/log/snort are not created, when the database logging is disabled, 
functionality returns to normal 

I am starting snort with 

        daemon /usr/sbin/snort-mysql -l /var/log/snort -D -p\
                 -i $INTERFACE -c /etc/snort/snort.conf
  
Peter Schobel
~

-- 
"dream like you'll live forever, live like you'll die today"

James Dean


-------------------------------------------------------
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: