Snort mailing list archives
Re: Snort - Fatal Error
From: "prabu" <prabu333 () hotpop com>
Date: Mon, 26 Jul 2004 18:25:47 +0530
Then there is problem with the Database connectivity ,then comment in /etc/snort.conf,this line, output database: log, mysql, dbname=snort user=root host=localhost password=kovai Try with enabling alert_syslog or log_tcpdump works and run the snort.This will hepl U to find whether snort can run in other types of output configuration.Also,i dont know much about linux based database configuration. Prabu.S ----- Original Message ----- From: "Shankar" <list () zeeaccess com> To: "prabu" <prabu333 () hotpop com>; "Snort-Users" <snort-users () lists sourceforge net> Sent: Monday, July 26, 2004 5:44 PM Subject: RE: [Snort-users] Snort - Fatal Error
On Monday, July 26, 2004 4:52 PM prabu wrote:To: Shankar; Snort-Users Subject: Re: [Snort-users] Snort - Fatal Error Hello Shankar, First tell about your database configuration.I guess that u mighthavenot commented the (/etc/snort/snort.conf:453 line,since it is used for enabling log alerts to syslog.U should comment this line,if u want toenablethe databes loggging,since that line of the config file specifies to
alert
the output of logs to syslog.if u r using databes logging ,then ur snort.conf should have line as, for example,output database: log, mysql, dbname=snort user=root host=localhost password=kovaidear prabu, Thx for the mail/help. My database configuration is as below output database: log, mysql, user=snort password=mypassword dbname=snort host=localhost i use user snort instead of root. # mysql -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 26 to server version: 3.23.58 Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> show databases; +----------+ | Database | +----------+ | mysql | | snort | | test | +----------+ 3 rows in set (0.00 sec) mysql> use snort Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> show tables; +------------------+ | Tables_in_snort | +------------------+ | acid_ag | | acid_ag_alert | | acid_event | | acid_ip_cache | | data | | detail | | encoding | | event | | flags | | icmphdr | | iphdr | | opt | | protocols | | reference | | reference_system | | schema | | sensor | | services | | sig_class | | sig_reference | | signature | | tcphdr | | udphdr | +------------------+ 23 rows in set (0.00 sec) mysql> If i comment the Output line and type #snort -c /etc/snort/snort.conf then process hangs here and i dont get my # prompt back need to break it(ctrl^c) --== Initialization Complete ==-- -*> Snort! <*- Version 2.1.3 (Build 27) By Martin Roesch (roesch () sourcefire com, www.snort.org) thx in advance for ur mail/help. Regards, Shankar.
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.726 / Virus Database: 481 - Release Date: 7/22/2004 ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort - Fatal Error Shankar (Jul 26)
- RE: Snort - Fatal Error Jeff Dell (Jul 26)
- RE: Snort - Fatal Error Shankar (Jul 26)
- Re: Snort - Fatal Error prabu (Jul 26)
- RE: Snort - Fatal Error Shankar (Jul 26)
- Re: Snort - Fatal Error prabu (Jul 26)
- RE: Snort - Fatal Error Shankar (Jul 26)
- <Possible follow-ups>
- Fw: Snort - Fatal Error prabu (Jul 26)
- RE: Snort - Fatal Error Harper, Patrick (Jul 26)
- RE: Snort - Fatal Error Shankar (Jul 26)
- RE: Snort - Fatal Error Jeff Dell (Jul 26)
- RE: Snort - Fatal Error Shankar (Jul 26)
- RE: Snort - Fatal Error Harper, Patrick (Jul 26)
- RE: Snort - Fatal Error Jeff Dell (Jul 26)