Snort mailing list archives
Re: v2.8.4 incorrect logging to MySQL
From: "Danny Paul" <JDPAUL () GoColumbiaMO com>
Date: Sat, 11 Apr 2009 12:11:33 -0500
Well, like I said - it's writing to the events table, but it's not writing to the sensors or signatures table. Of course if those tables were already populated (in an upgrade situation, for example) that would not be a big issue until new signatures came out or new sensors came online. In my case I was doing a test install before upgrade and noticed that the new version no longer would populate those two tables. Can anyone else duplicate this? Obviously you'd have to start with an empty database. :-)
On 4/11/2009 at 11:51 AM, in message
<665172f40904110951j23451026q7f98769d5b98f49a () mail gmail com>, <rsreese () gmail com> wrote:
On Sat, Apr 11, 2009 at 11:37 AM, Danny Paul <JDPAUL () gocolumbiamo com> wrote:I don't really *need* to use barnyard - snort thus far has not had a problemkeeping up with the traffic while writing logs directly to MySQL. We're talking about a pretty low speed link, really. As far as what's correct, writing its log to MySQL is supported, is it not? I haven't seen a problem writing data to MySQL from Snort and I'm writing directly to MySQL from Snort. $ mysql -uroot -pblah -D snort -e "select count(*) from event" +----------+ | count(*) | +----------+ | 55 | +----------+ I have had trouble getting my Base setup working correctly but it's probably just me :-o. ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
** Virus scanned by City of Columbia MO Email Firewall ** ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- v2.8.4 incorrect logging to MySQL Danny Paul (Apr 10)
- Re: v2.8.4 incorrect logging to MySQL JJ Cummings (Apr 10)
- Re: v2.8.4 incorrect logging to MySQL Danny Paul (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL Stephen Reese (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL Danny Paul (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL Stephen Reese (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL Stephen Reese (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL Matt Watchinski (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL Stephen Reese (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL Danny Paul (Apr 13)
- Re: v2.8.4 incorrect logging to MySQL James Lay (Apr 13)
- Re: v2.8.4 incorrect logging to MySQL Joel Esler (Apr 13)
- Message not available
- Re: v2.8.4 incorrect logging to MySQL Joel Esler (Apr 13)
- Message not available
- Re: v2.8.4 incorrect logging to MySQL Joel Esler (Apr 13)
- Message not available
- Re: v2.8.4 incorrect logging to MySQL Joel Esler (Apr 13)
- Re: v2.8.4 incorrect logging to MySQL Danny Paul (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL JJ Cummings (Apr 10)