Snort mailing list archives

RE: [Snort-users]SNORT, +MySQL, +Acid, Apache on wi nXp

From: SecurityAdmin () aspentech com
Date: Fri, 11 Apr 2003 13:25:46 -0500

I would only set one of the output lines. By default snort will still log to
the disk even if you have it set in snort.conf to log to the DB. It may be
getting confused if you have both of these lines. Also, you should not need
to define the port number and you may want to change the 127.0.0.1 to the
actual machines name or IP just to test it out.
Any firewall running on the XP box that might be blocking port 3306?
I assume you are seeing the acid console fine but it just shows as 0 alerts,
right?
 
-----Original Message-----
From: Cory D. [mailto:coryd () euler com] 
Sent: Friday, April 11, 2003 9:53 AM
To: snort-users () lists sourceforge net
Subject: RE: [Snort-users] [Snort-users]SNORT, +MySQL, +Acid, Apache on
winXp
 
yes here is the *.conf lines i have.
output database: alert, mysql, user=snort password=xxx dbname=snort
host=127.0.0.1 port=3306 sensor_name=<HOSTNAME OF SENSOR>
output database: log, mysql, user=snort password=xxx dbname=snort
host=127.0.0.1 port=3306 sensor_name=<HOSTNAME OF SENSOR>
 
and the error log shows nothing.
-----Original Message-----
From: SecurityAdmin () aspentech com [mailto:SecurityAdmin () aspentech com]
Sent: Friday, April 11, 2003 10:16 AM
To: Cory D.; snort-users () lists sourceforge net
Subject: RE: [Snort-users] [Snort-users]SNORT, +MySQL, +Acid, Apache on
winXp
A couple quick things....
 
Did you change your snort.conf in the output area to point to the correct
database and the user id and password?
Does your MYSQL error log show any problems or issues connecting?
 
 
-----Original Message-----
From: Cory D. [mailto:coryd () euler com] 
Sent: Friday, April 11, 2003 7:12 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] [Snort-users]SNORT, +MySQL, +Acid, Apache on winXp
 
I have evrthing installed and SNORT, MySQL, and Apache all are working fine.

But when i use Acid there is no Data being logged to the webpage. 
I run snort from the command line c:>snort -v ix and i see output. I also
check the log file and i do have an *.ids file.
any ideas why I am not seeing any data being posted to the website. 
this was all set up by using silicaon defense instal manual for
snort,mysql,acid,apache. 
 
Cory D. 
Corporate IT Manager 
Euler Training Center 
Phone: 952.567.4219 
email:  mailto:coryd () euler com <mailto:coryd () euler com>  
website: www.euler.com 
------------------------------------------------------- This SF.net email is
sponsored by: Etnus, makers of TotalView, The debugger for complex code.
Debugging C/C++ programs can leave you feeling lost and disoriented.
TotalView can help you find your way. Available on major UNIX and Linux
platforms. Try it free. www.etnus.com
_______________________________________________ Snort-users mailing list
Snort-users () lists sourceforge net Go to this URL to change user options or
unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

RE: [Snort-users]SNORT, +MySQL, +Acid, Apache on wi nXp SecurityAdmin (Apr 11)
- <Possible follow-ups>
- RE: [Snort-users]SNORT, +MySQL, +Acid, Apache on wi nXp SecurityAdmin (Apr 11)