Snort mailing list archives
Re: Can snort send alerts to the mysql database w/out ...output file?grep -i output /usr/local/etc/snort/snort.conf
From: Dirk Geschke <dirk () geschke-online de>
Date: Sat, 11 Mar 2006 20:26:48 +0100
Hi Raymond,
output database: log, mysql, user=yyyyy dbname=snort password=xxxxxx host=snorthost sensor_name=ids01 output database: log, mysql, user=yyyyy dbname=snort_archive password=xxxxxx host=snorthost sensor_name=ids01
you have only output plugins for the "log" facility. Therefore snort will use the default for the "alert" facility which is writing of files to /var/log/snort.... Try the option "-A none" which will disable all alerts but still allows the "log" output plugin to work... Best regards Dirk ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Can snort send alerts to the mysql database w/out ...output file?grep -i output /usr/local/etc/snort/snort.conf Jacob, Raymond A Jr (Mar 11)
- Re: Can snort send alerts to the mysql database w/out ...output file?grep -i output /usr/local/etc/snort/snort.conf Dirk Geschke (Mar 11)
- <Possible follow-ups>
- RE: Can snort send alerts to the mysql database w/out ...output file?grep -i output /usr/local/etc/snort/snort.conf Jacob, Raymond A Jr (Mar 11)