Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Barnyard not inserting on ACID tables in MySQL, just regular snort ones

From: Dirk Geschke <Dirk_Geschke () genua de>
Date: Wed, 01 Sep 2004 09:44:20 +0200
Hi Pedro,


I don't know why, but barnyard is not inserting on ACID tables in
MySQL, and ACID does not show any alert.

I'm pretty sure of:
- snort is logging alerts correctly to unified log files
- barnyard is being able to read them and...
- ... it is connecting to mysql correctly and....
- it is inserting only on tables event,iphdr,tcphdr,data

Don't know why:
- barnyard is not inserting on acid specific tables (it must be
because of this that ACID does not shows anything!)


that is easy to explain: Only ACID fills the acid tables...

The acid output plugin of barnyard is used to fill the database
scheme which is used by acid. The acid tables are extensions made
by acid to the database and is mainly used for caching or building
up alert groups within acid.

So don't blame barnyard for this...

Best regards

Dirk



-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_idP47&alloc_id808&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: