Snort mailing list archives
Re: Question about Snort/ACID/MySQL and how they play together
From: Erek Adams <erek () snort org>
Date: Thu, 24 Apr 2003 07:31:44 -0400 (EDT)
On Wed, 23 Apr 2003, Snow Jacob C KPWA wrote:
output database: log, mysql, user=snort1 password=test_snort dbname=snort host=xxx.xxx.xxx.xxx port=3306 sensor_name=slave1 output database: alert, mysql, user=snort1 password=test_snort dbname=snort host=xxx.xxx.xxx.xxx port=3306 sensor_name=slave1 in the snort.conf file will you get alerts in the log file as well?
[...snip...] Logging vs. Alerting [0]. Short answer: It's useless to have both lines. Just change it to 'log', and the db output plugin gets all logged and alerted rules. Cheers! ----- Erek Adams "When things get weird, the weird turn pro." H.S. Thompson [0] http://www.theadamsfamily.net/~erek/snort/logging_methods.txt ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Question about Snort/ACID/MySQL and how they play together Snow Jacob C KPWA (Apr 23)
- RE: Question about Snort/ACID/MySQL and how they play together Michael Steele (Apr 23)
- Re: Question about Snort/ACID/MySQL and how they play together Erek Adams (Apr 24)
- <Possible follow-ups>
- Question about Snort/ACID/MySQL and how they play together Snow Jacob C KPWA (Apr 23)
- RE: Question about Snort/ACID/MySQL and how they play together Michael Steele (Apr 25)