Snort mailing list archives
Re: MySQL support for Snort 2.9.4
From: Kaya Saman <kayasaman () gmail com>
Date: Tue, 11 Dec 2012 00:54:59 +0000
On 12/11/2012 12:47 AM, Jeremy Hoel wrote:
Database support has been removed from snort. Use the unified2 output and Barnyard2 to put data into a databse.
Thanks for the information! Does this also include version 2.9.3.1? The snort.conf still includes the database option..... though running with the option engaged doesn't work. The reason why am asking about the older version in addition is because the obtainable rules are for that and not the later 2.9.4 which one would need subscription for. I guess I will have to look at building Barnyard2 and figuring out how they integrate. It's a bit of a shame as it makes setup and running easier (at least for a beginner like me) :-) Regards, Kaya
On Tue, Dec 11, 2012 at 12:15 AM, Kaya Saman <kayasaman () gmail com> wrote:Hi, I've installed Daq 2.0 and Snort 2.9.4 however, I'm confused about the MySQL support. Initially running ./configure --help didn't yield any option for support: --enable-mysql= Also adding the option: output database - in the snort.conf file doesn't work either. Should I downgrade to version 2.9.3 or am I missing something? I have gone through the Snort user manual from www.snort.org/docs and saw some information on this under preprocessor_stream5 but nothing to add to my snort.conf. What am I missing??? Thanks. Kaya ------------------------------------------------------------------------------ LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- MySQL support for Snort 2.9.4 Kaya Saman (Dec 10)
- Re: MySQL support for Snort 2.9.4 Jeremy Hoel (Dec 10)
- Re: MySQL support for Snort 2.9.4 Kaya Saman (Dec 10)
- Re: MySQL support for Snort 2.9.4 Jeremy Hoel (Dec 10)
- Re: MySQL support for Snort 2.9.4 Kaya Saman (Dec 10)
- Re: MySQL support for Snort 2.9.4 beenph (Dec 10)
- Re: MySQL support for Snort 2.9.4 Kaya Saman (Dec 10)
- Re: MySQL support for Snort 2.9.4 Jeremy Hoel (Dec 10)
- Re: MySQL support for Snort 2.9.4 Kaya Saman (Dec 10)
- Re: MySQL support for Snort 2.9.4 Jeremy Hoel (Dec 10)
- Re: MySQL support for Snort 2.9.4 Kaya Saman (Dec 10)
- Re: MySQL support for Snort 2.9.4 Jeremy Hoel (Dec 10)
- Re: MySQL support for Snort 2.9.4 Kaya Saman (Dec 10)
- Re: MySQL support for Snort 2.9.4 Kaya Saman (Dec 10)
- Re: MySQL support for Snort 2.9.4 Jeremy Hoel (Dec 10)