Re: Snort Install successful - Need a proper database

[beenph <beenph () gmail com>]

On Wed, Nov 21, 2012 at 12:18 PM, k vijay sai prashanth
<vijaysaiprashanth () gmail com> wrote:
> All resolved now. Each time I start barnyard2 the events count is
> incremented. So barnyard2 is feeding the events from snort to the mysql
> database. Thanks Ron. Appreciate the advise. Sadly I am not sure which of
> the steps rectified the issue.
>
> The following are the changes I made which caused the installation to be
> successful:
>
> 1. output alert_fast to output alert_fast: stdout.
> 2. change is barnyard.conf
> 4. changed the variables config hostname from thor to localhost.

None of those steps should influence database logging.

> 5. And make sure when you run barnyard2 using the below command the snort
> process must already be running.

Barnyard2 can run without snort running.

> 3. Did a make clean on the barnyard2 installation and then did the
> ./configure --with-mysql.

If you first compiled barnyard2 with ./configure only and never
specified --with-mysql and you would have
conifgured barnyard2 with output database: xxxxxx

you should have got an error mentionning that it can't enable database
logging without being configured with
database support.

-elz

------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!