Snort mailing list archives
RE: Snort and MySQL
From: "Patrick S. Harper" <patrick () internetsecurityguru com>
Date: Sun, 29 Aug 2004 16:03:54 -0500
Not if you have your conf file set up right. The output database line has that info. Patrick S. Harper | CISSP RHCT MCSE www.internetsecurityguru.com www.ntsug.org - Snort Users Group "If there is no light at the end of the tunnel, get down there and light the damn thing yourself!" -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Miikka Hattberg Sent: Sunday, August 29, 2004 1:49 PM To: snort-users () lists sourceforge net Subject: Re: [Snort-users] Snort and MySQL I might be totally off, but shouldn't you specify the MySQL username in the command whe you start snort. like ' snort -u snort -c /etc/snort/snort.conf ' m. Robert Spangler wrote:
Hello, I seem to be having a problem setting up snort to use MySQL database. When I run 'snort -c /etc/snort/snort.conf' I get the following: =================================================== Running in IDS mode Log directory = /var/log/snort Initializing Network Interface eth0 --== Initializing Snort ==-- Initializing Output Plugins! Decoding Ethernet on interface eth0 Initializing Preprocessors! Initializing Plug-ins! Parsing Rules file /etc/snort/snort.conf +++++++++++++++++++++++++++++++++++++++++++++++++++ Initializing rule chains... database: compiled support for ( MySQL ) database: configured to use MySQL database: user = snort database: database name = snort database: host = localhost database: sensor name = 192.168.1.100 ERROR: database: MySQL_error: Access denied for user: 'snort@localhost' (Using password: NO) Fatal Error, Quitting.. =================================================== snort.conf has the following entry: =================================================== output database: log, MySQL, user=snort, password=******** dbname=snort host=localhost =================================================== MySQL was setup using this line for snort: =================================================== grant INSERT,SELECT on root.* to snort@localhost; SET PASSWORD FOR snort@localhost=PASSOWRD('********'); grant CREATE,INSERT,SELECT,DELETE,UPDATE on snort.* to snort@localhost; grant CREATE,INSERT,SELECT,DELETE,UPDATE on snort.* to snort; =================================================== This was a step by step guide I had followed to set this up. I'm hoping someone might be able to see what I'm missing. Thnx
------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort and MySQL Robert Spangler (Aug 29)
- Re: Snort and MySQL Miikka Hattberg (Aug 29)
- RE: Snort and MySQL Patrick S. Harper (Aug 29)
- RE: Snort and MySQL Michael Steele (Aug 29)
- RE: Snort and MySQL Patrick S. Harper (Aug 29)
- Re: Snort and MySQL [SOLVED MAYBE] Robert Spangler (Aug 29)
- RE: Snort and MySQL [SOLVED MAYBE] Patrick S. Harper (Aug 30)
- <Possible follow-ups>
- Snort and MySQL FAzle Rokib (Aug 29)
- Re: Snort and MySQL Miikka Hattberg (Aug 29)