[Snort-users] Enabling output log_database option in the new rules file...
he4to at ...125...
Fri Aug 11 14:13:46 EDT 2000
It's me with my simple questions....
How would I enable logging to a database in a new rules file? I understand that snort-lib is the default rules file. I tried adding the line: output log_database: mysql, dbname=snort user=snort host=localhost to the 07272k.rules file, but nothing happens. It works just fine with snort-lib. This is the command line I use:
bin/snort -D -d -l /usr/local/snort/log -h 206.XX.XX.XXX/24 -c snort-lib ----> works fine with mysql logging, however:
bin/snort -D -d -l /usr/local/snort/log -h 206.XX.XX.XXX/24 -c 07272k.rules -------> doesnt' produce any results.
What am I doing wrong? Thank you for your time and help.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users