[Snort-devel] Dynamic Preprocessor Example doesn't log in Database

Thomas LESTRIEZ thomas.lestriez at ...3158...
Mon Apr 4 04:06:42 EDT 2011


Hello,

I am using Snort 2.9.0.3 in a Debian.

I can log in database thanks to the snort's classic rule system, like does 
my "test.rules" file contains a rule alerting when the port 200 is used in 
the network. So my Mysql database works and my snort.conf and 
barnyard2.conf seems to be well configured.

I installed and compiled the Dynamic Preprocessor Example of Snort. It 
works well, and I can see logs in the syslog file when the Dynamic 
Preprocessor Example matches the port I configured in snorf.conf (11123).

My problem is:  Only the dynamic preprocessor example doesn't log in Mysql 
database (It just logs in the syslog). The example use the 
"_dpd.addAlert(.......);  " function, but it seems it doesn't work for 
me...

Could you help me please?

Thank you.

PS: I tested with another dynamic prepreocessor, it doesn't log in 
database neither.

Regards,



  
 
Thomas LESTRIEZ
Apprenti Ingénieur
EDF - R&D
SINETICS
1, avenue du Général de Gaulle
BP 408
92141 Clamart Cedex
 
thomas.lestriez at ...3158...
Tél. : 0147653811
  
Un geste simple pour l'environnement, n'imprimez ce message que si vous en 
avez l'utilité.



Ce message et toutes les pièces jointes (ci-après le 'Message') sont établis à l'intention exclusive des destinataires et les informations qui y figurent sont strictement confidentielles. Toute utilisation de ce Message non conforme à sa destination, toute diffusion ou toute publication totale ou partielle, est interdite sauf autorisation expresse.

Si vous n'êtes pas le destinataire de ce Message, il vous est interdit de le copier, de le faire suivre, de le divulguer ou d'en utiliser tout ou partie. Si vous avez reçu ce Message par erreur, merci de le supprimer de votre système, ainsi que toutes ses copies, et de n'en garder aucune trace sur quelque support que ce soit. Nous vous remercions également d'en avertir immédiatement l'expéditeur par retour du message.

Il est impossible de garantir que les communications par messagerie électronique arrivent en temps utile, sont sécurisées ou dénuées de toute erreur ou virus.
____________________________________________________

This message and any attachments (the 'Message') are intended solely for the addressees. The information contained in this Message is confidential. Any use of information contained in this Message not in accord with its purpose, any dissemination or disclosure, either whole or partial, is prohibited except formal approval.

If you are not the addressee, you may not copy, forward, disclose or use any part of it. If you have received this message in error, please delete it and all copies from your system and notify the sender immediately by return message.

E-mail communication cannot be guaranteed to be timely secure, error or virus-free.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20110404/52e220bf/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 1816 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20110404/52e220bf/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 1151 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20110404/52e220bf/attachment-0001.gif>


More information about the Snort-devel mailing list