Re: Snort-MySQL problem

[Edin Dizdarevic <edin.dizdarevic () interActive-Systems de>]

Hi,

obviously there is no problem with Snort, since it reports
everything checked OK. Check the user permissions in MySQL now.
See the docs available at www.snort.org - especially that
Tutorial for RedHat 7.3 as well as older postings like "Snort
not logging, No alerts in ACID" and similar.

Log in as root to your DB and check the permissions for your snort user:

Example:

mysql> show grants for snort@192.168.0.1;
+--------------------------------------------------------------------------------------+
| Grants for snort@192.168.0.1
                |
+--------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'snort'@'192.168.0.1' IDENTIFIED BY PASSWORD 'X' |
| GRANT SELECT, INSERT, CREATE ON `snort`.* TO 'snort'@'192.168.0.1'
                |
| GRANT UPDATE ON snort.acid_ip_cache TO 'snort'@'192.168.0.1'
                |
| GRANT UPDATE ON snort.sensor TO 'snort'@'192.168.0.1'
                |
+--------------------------------------------------------------------------------------+
4 rows in set (0.00 sec)

Seems to be enough (or even too much ;) for my installation.

Regards,
Edin


Syed Zuhdi Syed Salim wrote:
> Hi,
>
> I have create database snort.
> I have configure snort to use database.
>
> I'm using nmap to test snort.
> But thereis no event in event table.
>
> My question :
> How to make snort log to snort database?
>
> Thanks for reply.
>
> Regards;
> syzuhdi


-- 
Edin Dizdarevic



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users