Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: MY SQL, SNORT.

From: David Markle <davidmarkle () comcast net>
Date: Mon, 14 Apr 2003 09:26:29 -0400
Which doc did you use for your specific install?  Patrick S. Harper
[lists () internetsecurityguru com] put out a real nice doc for installing
these components on RH,
(http://www.internetsecurityguru.com/documents/snort_acid_rh8.pdf).

Specifically what are the errors you are having?  Did you put the correct
entry for the databases output plug in your snort.conf?  Patrick's paper
detail a nice method to test your install, so try it first.

First, verify that all of the applicable services are running, (apache,
mysql, snort). Then you should be able to match up the user, database, and
password from the snort.conf line and manually run a test from the command
line.  For example:


From my snort.conf:  (notice "yourpwd" will be your password without the

""'s)
output database: alert, mysql, user=root password="yourpwd" dbname=snort
host=localhost


From the command line:

#mysql -u root -p"yourpwd" <enter>   (no space after the -p)

This will give you a mysql prompt:
mysql> use snort          (here I am selecting the snort DB)
mysql> show tables;     (this will spit out the table structure for the
snort DB)

Unfortunately, I need more information to help you out further.  You may
have problems originating from the install.  Its hard to tell.  Please let
me know if you need more help.

dm


-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net]On Behalf Of rehanann
Sent: Saturday, April 12, 2003 1:38 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] MY SQL, SNORT.




I install SNORT 1.9.1 ,in RH 8 preinstalled is MYSQL, APACHE, and PHP at
last I install ACID and with other components the problem is mysql could
not log any events  and i setup the machine very intensively with proper
documents so please give me quick idea about to solve the problem.


thanks.

Rehan Anwer.



-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger
for complex code. Debugging C/C++ programs can leave you feeling lost and
disoriented. TotalView can help you find your way. Available on major UNIX
and Linux platforms. Try it free. www.etnus.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: