Snort mailing list archives

how to populate snort payload data to MySQL?


From: "samwun" <samwun () hgcbroadband com>
Date: Wed, 22 Oct 2003 22:06:48 +0800

Dear all,

I've been searching around on Google but could not find a solution.
I've also changed the snort.conf configuration so that it has the
following line enabled:
output database: log, mysql, user=snort password=new_password dbname=snort host=localhost encoding=hex detail=full

Although I added encoding=hex and detail=full to the above line,
I still can't find a way to see full logging appear in the MySQL tables.

Is the payload data really logged to the MySQL tables? How can I know
it?

Please see the following tables in MySQL:
mysql> show tables;
+------------------+
| Tables_in_snort  |
+------------------+
| acid_ag          |
| acid_ag_alert    |
| acid_event       |
| acid_ip_cache    |
| data             |
| detail           |
| encoding         |
| event            |
| flags            |
| icmphdr          |
| iphdr            |
| opt              |
| protocols        |
| reference        |
| reference_system |
| schema           |
| sensor           |
| services         |
| sig_class        |
| sig_reference    |
| signature        |
| tcphdr           |
| udphdr           |
+------------------+
23 rows in set (0.00 sec)
 
mysql>

Which tables contain payload data?

Thanks
Sam



