Snort mailing list archives

Signature Table in snort DB not updating


From: Balasubramaniam Natarajan <bala150985 () gmail com>
Date: Sat, 10 Nov 2012 23:32:10 +0530

Does anyone know why the signature table in my Snort database on MySQL
does not get populated with the proper signature name? Once I go in and
manually update it, the event message appears properly on my BASE
console. Is there any way for me to automate it?

I am using

root@nscbose:/store/snort/log# snort -V

   ,,_     -*> Snort! <*-
  o"  )~   Version 2.9.3.1 IPv6 GRE (Build 40)
   ''''    By Martin Roesch & The Snort Team:
http://www.snort.org/snort/snort-team
           Copyright (C) 1998-2012 Sourcefire, Inc., et al.
           Using libpcap version 1.1.1
           Using PCRE version: 8.12 2011-01-15
           Using ZLIB version: 1.2.3.4

root@nscbose:/store/snort/log# barnyard2 -v

  ______   -*> Barnyard2 <*-
 / ,,_  \  Version 2.1.11 (Build 317)
 |o"  )~|  By Ian Firns (SecurixLive): http://www.securixlive.com/
 + '''' +  (C) Copyright 2008-2012 Ian Firns <firnsy () securixlive com>

USAGE: barnyard2 [-options] <filter options>
Gernal Options:


mysql> select * from signature;
+--------+--------------------------------------------------------------+--------------+--------------+---------+----------+---------+
| sig_id | sig_name                                                     | sig_class_id | sig_priority | sig_rev | sig_sid  | sig_gid |
+--------+--------------------------------------------------------------+--------------+--------------+---------+----------+---------+
|    475 | Snort Alert [1:2014101:2]                                    |           21 |            1 |       2 |  2014101 |       1 |
|    476 | FILE-IDENTIFY Portable Executable binary file magic detected |           29 |            3 |      16 |    15306 |       1 |
|    477 | Snort Alert [1:2012239:1]                                    |           21 |            1 |       1 |  2012239 |       1 |
|    478 | *Snort Alert [1:10000000:1] *                                |            0 |            0 |       1 | 10000000 |       1 |
+--------+--------------------------------------------------------------+--------------+--------------+---------+----------+---------+
478 rows in set (0.01 sec)

mysql> update signature Set sig_name="*Saw ICMP msg*" WHERE sig_id=478;

mysql> select * from signature;
+--------+--------------------------------------------------------------+--------------+--------------+---------+----------+---------+
| sig_id | sig_name                                                     | sig_class_id | sig_priority | sig_rev | sig_sid  | sig_gid |
+--------+--------------------------------------------------------------+--------------+--------------+---------+----------+---------+
|    475 | Snort Alert [1:2014101:2]                                    |           21 |            1 |       2 |  2014101 |       1 |
|    476 | FILE-IDENTIFY Portable Executable binary file magic detected |           29 |            3 |      16 |    15306 |       1 |
|    477 | Snort Alert [1:2012239:1]                                    |           21 |            1 |       1 |  2012239 |       1 |
|    478 | *Saw ICMP msg  *                                             |            0 |            0 |       1 | 10000000 |       1 |
+--------+--------------------------------------------------------------+--------------+--------------+---------+----------+---------+


-- 
Regards,
Balasubramaniam Natarajan
www.etutorshop.com/moodle/
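barnyard2 falls back to the placeholder name "Snort Alert [gid:sid:rev]" when it cannot find the sid in its sid-msg.map, so the durable fix is a sid-msg.map regenerated from the current rules (pulledpork does this) and a barnyard2 restart. The script below is an added example, not barnyard2's or the poster's code: it derives names straight from the rule files and plans exactly the UPDATE the poster ran by hand, touching only placeholder rows. The rule text and table rows are constructed samples; in practice the rows come from a MySQL DB-API cursor and the statement goes to cursor.executemany().

```python
import re

# Constructed sample rule text (not from the post) for the sids whose sig_name is still a placeholder.
SAMPLE_RULES = """\
alert icmp any any -> $HOME_NET any (msg:"Saw ICMP msg"; sid:10000000; rev:1;)
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXAMPLE one"; sid:2014101; rev:2;)
# alert tcp any any -> any any (msg:"ET EXAMPLE two"; sid:2012239; rev:1;)
"""
# Constructed rows mirroring the poster's signature table: (sig_id, sig_name, sig_sid, sig_gid)
SAMPLE_ROWS = [
    (475, "Snort Alert [1:2014101:2]", 2014101, 1),
    (476, "FILE-IDENTIFY Portable Executable binary file magic detected", 15306, 1),
    (477, "Snort Alert [1:2012239:1]", 2012239, 1),
    (478, "Snort Alert [1:10000000:1]", 10000000, 1),
]
# barnyard2's fallback name when a sid is missing from sid-msg.map
PLACEHOLDER = re.compile(r"^Snort Alert \[\d+:\d+:\d+\]$")
RULE_OPTS = re.compile(r'msg:"((?:[^"\\]|\\.)*)";.*?sid:(\d+);', re.S)

def parse_rules(text):
    """Map (gid, sid) -> msg. Disabled ('#') rules count too: a stored alert may
    predate the disable, and a real name beats the placeholder."""
    mapping = {}
    for line in text.splitlines():
        line = line.strip().lstrip("#").strip()
        m = RULE_OPTS.search(line)
        if not m:
            continue  # blank line, comment or variable definition
        gid_m = re.search(r"gid:(\d+);", line)
        gid = int(gid_m.group(1)) if gid_m else 1  # Snort's default gid
        mapping[(gid, int(m.group(2)))] = m.group(1).replace('\\"', '"')
    return mapping

def plan_updates(rows, rule_map):
    """Return (sig_id, new_name) only for placeholder rows the rules can name."""
    updates = []
    for sig_id, sig_name, sig_sid, sig_gid in rows:
        if not PLACEHOLDER.match(sig_name):
            continue  # already a real name; never overwrite it
        msg = rule_map.get((sig_gid, sig_sid))
        if msg is not None:
            updates.append((sig_id, msg))
    return updates

def to_sql(updates):
    """Parameterised statement + params for cursor.executemany(); rule messages
    can contain quotes, so never interpolate them into the SQL string."""
    return ("UPDATE signature SET sig_name=%s WHERE sig_id=%s",
            [(name, sig_id) for sig_id, name in updates])
```

Rows whose sid is in neither the rules nor the map are left alone, so a rerun after the next rule update only fills what it now can name.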