Snort mailing list archives
Re: snort IDS mode and mssql
From: Martin Roesch <roesch () sourcefire com>
Date: Mon, 2 Aug 2004 23:22:27 -0400
Hi Adam,Try adding a "-l ." switch at the command line. What alerting option are you using? You might want to try something like the syslog or "-A none" switch if you aren't using the real-time alerting stuff.
-Marty On Jul 30, 2004, at 10:54 AM, Adam Maxwell wrote:
Hi, I have just installed snort on a laptop running Windows 2003 Standard Server SQL 2000 SP3a Snort-2_2_0RC1I have created a database called snort with a username "snort" and password "snort". I have created the database schema, and also created a ODBC link to the database. The snort user has db_owner rights to the database.When I use snort with the -c option i get an error saying can't write to log directory, can someone tell me the correct settings in my snort.conf file. This is what I have tried"output database: log, mssql, dbname=snort, user=snort, host=localhost password=snort"The error I get is.ERROR: Can not write access to logging directory "log". (directory doesn't exist or permissions are set incorrectly or it is not a directory at all)Fatal Error, Quitting ********************************************************** This e-mail, including attachments, is confidential and is intended for view by the addressee only. Any views, opinions and judgements expressed are solely those of the author and may not reflect those If you have received this message in error, or have concerns about the use of this account, please contact: postmaster () elliott-group co uk . For more information about The Elliott Group Ltd, please visit the Web site at http://www.elliott-group.co.uk This footnote also confirms that this e-mail message has been swept by MIMEsweeper for the presence of computer viruses. **********************************************************
-- Martin Roesch - Founder/CTO, Sourcefire Inc. - (410)290-1616 Sourcefire: Intelligent Security Monitoring roesch () sourcefire com - http://www.sourcefire.com Snort: Open Source Network IDS - http://www.snort.org ------------------------------------------------------- This SF.Net email is sponsored by OSTG. Have you noticed the changes on Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now, one more big change to announce. We are now OSTG- Open Source Technology Group. Come see the changes on the new OSTG site. www.ostg.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort IDS mode and mssql Adam Maxwell (Jul 30)
- Re: snort IDS mode and mssql Martin Roesch (Aug 02)