Re: mysql on another box?

[James Riden <j.riden () massey ac nz>]

Larry Wichman <larrywichman () yahoo com> writes:

>    Initializing rule chains...
>
>    database: compiled support for ( )
>
>    database: configured to use mysql
>
>    database: 'mysql' support is not compiled into this build of snort

You need to have compiled with --with-mysql, or grab a prebuilt RPM,
or whatever is appropriate for your platform.

>    Do I still have to have MYSQL running on the sensor even though tit is
>    logging somewhere else?

I'm using postgresql, but I'd guess you'd need some mysql rpms with
-client- and/or -common- in the name. But the database doesn't have to
be running on the sensor.

>    Here is what I put in snort.conf to tell it to log to the other box:
>
>    output database:log,mysql,user=snort password=Ournetwork* dbname=root
>    host=10.255.55.11

I have a vision of hundreds of script kiddies trying to crack
10.255.55.11 and wondering why it's not working :)

-- 
James Riden / j.riden () massey ac nz / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/



-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users