Snort mailing list archives
RE: MySql and Snort
From: "L. Christopher Luther" <CLuther () Xybernaut com>
Date: Wed, 5 Feb 2003 19:48:35 -0500
Cilin, Please post additional information so that we can better help you. For example: o The Snort command line you use when not sniffing (i.e., the '-v' puts Snort in sniffer mode, not in packet logger mode). o Output plugins in snort.conf o etc. Regards, Christopher -----Original Message----- Date: Wed, 5 Feb 2003 14:51:32 -0800 (PST) From: Cilin <cilin5 () yahoo com> To: snort-users () lists sourceforge net Subject: [Snort-users] MySql and Snort Hi, I am newbie to snort and also have the problem of Snort not logging into the MySql database. I did the following steps, as recommended in one of the earlier emails but nothing helped. 1. Created the database snort in MySQL with appropriate permissions for users and hosts. 2. Ran the script contrib/create_mysql in the snort source code against the database as a user with the correct permissions. 3. Uncommented and supplied user, password, database and host for the output database line for mysql in the snort.conf file. 4. Restarted Snort. and still nothing Snort does log the scans (scan.log gets updated every time i run a scan over the network) However i haven't gotten a single error yet. (alert.ids is 0Kb) when i run snort from the command line via "snort -v -i 1" I get: 0 dropped packages Action stats: Alerts: 0 Logs : 0 Passed: 0 Wireless Stats, Fragmentation Stats, TCP Stream Reasembly stats have ONLY '0's. Please help, i have searched the internet and the forums for any clues for the past 2 weeks but didn't find anything. __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
Current thread:
- RE: MySql and Snort L. Christopher Luther (Feb 05)
- <Possible follow-ups>
- RE: MySql and Snort L. Christopher Luther (Feb 08)
- RE: MySql and Snort L. Christopher Luther (Feb 08)