Re: v2.8.4 incorrect logging to MySQL

[Stephen Reese <rsreese () gmail com>]

Also note I start with an empty DB and I meant Snort Version 2.8.4 (Build 26)

On Sat, Apr 11, 2009 at 1:27 PM, Stephen Reese <rsreese () gmail com> wrote:
> On Sat, Apr 11, 2009 at 1:11 PM, Danny Paul <JDPAUL () gocolumbiamo com> wrote:
> > Well, like I said - it's writing to the events table, but it's not writing to the sensors or signatures table.  Of 
> > course if those tables were already populated (in an upgrade situation, for example) that would not be a big issue 
> > until new signatures came out or new sensors came online. In my case I was doing a test install before upgrade and 
> > noticed that the new version no longer would populate those two tables.
> >
> > Can anyone else duplicate this? Obviously you'd have to start with an empty database. :-)
>
> Correction, mine is also not writing to the sensor or signature tables.
>
> Base 1.4.1, Snort 2.8.1, and 5.0.32 on Linux debian 2.6.18-6-686
>
> $ mysql -uroot -p -D snort -e "select count(*) from event"
> +----------+
> | count(*) |
> +----------+
> |       57 |
> +----------+
>
> $ mysql -uroot -p -D snort -e "select count(*) from signature"
> +----------+
> | count(*) |
> +----------+
> |        0 |
> +----------+
>
> $ mysql -uroot -p -D snort -e "select count(*) from sensor"
> +----------+
> | count(*) |
> +----------+
> |        0 |
> +----------+

------------------------------------------------------------------------------
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users