Snort mailing list archives

Snort+ACID+MySql DB maint problems

From: "Smith, Aron" <AronSmith () users com>
Date: Mon, 10 Mar 2003 11:38:57 -0500

I have Snort logging to MySql with no problems, and the ACID web pages work just fine.  The problem is when I go to 
delete [big] chunks of the database via ACID the query just sits forever and nothing gets deleted.  Any hints?

___________________________________________
Aron Smith - CCNP, MCSE (aronsmith () users com)
Network Services - USERS, Inc. (800) 523-7282


-----Original Message-----
From: Joerg Weber [mailto:j.weber () infos de] 
Sent: Monday, March 10, 2003 11:14 AM
To: SnortUsers
Subject: Re: [Snort-users] SNORT with mysql


Hi,

What is the best way to test if snort works 100% with mysql (that it 
logs all in mysql)?

Did you google around abit? You might find that [0] is pretty informative, aside from the the FAQ at [1].

If you just want to know wether snort's logging into the DB and you'r not using a web-interface (dunno why you'd do 
that, though),

mysql -usnort -p -hhost
connect snort;
select count(1) from snort.acid_event;


assuming that snort's the name of the DB, this will count the elements in the acid_event DB. It shouldn't be empty.

Alternatively, you can of course always tcpdump on your snorthost and you'll see MySQL etc. traffic.

All based on the assumption that your config is right, of course.

Good luck!

[0] http://www.andrew.cmu.edu/~rdanyliw/snort/snortdb/snortdb_faq.html
[1] http://www.snort.org/docs/faq.html
-- 
Joerg Weber
Network Security

infoServe GmbH
Nell-Breuning-Allee 6
D-66115 Saarbruecken

T: (0681) 8 80 08 - 0
F: (0681) 8 80 08 - 59
www.infos.de
E: j.weber () infos de


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Snort+ACID+MySql DB maint problems Smith, Aron (Mar 10)
- Re: Snort+ACID+MySql DB maint problems Paul Schmehl (Mar 10)
- <Possible follow-ups>
- RE: Snort+ACID+MySql DB maint problems Smith, Aron (Mar 10)
  - RE: Snort+ACID+MySql DB maint problems Paul Schmehl (Mar 10)