[Snort-users] Enabling output log_database option in the new rules file...

HE4TO he4to at ...125...
Fri Aug 11 14:13:46 EDT 2000

Hi again,

It's me with my simple questions....
How would I enable logging to a database in a new rules file?  I understand that snort-lib is the default rules file.  I tried adding the line: output log_database: mysql, dbname=snort user=snort host=localhost to the 07272k.rules file, but nothing happens.  It works just fine with snort-lib.  This is the command line I use:

bin/snort -D -d -l /usr/local/snort/log -h 206.XX.XX.XXX/24 -c snort-lib ----> works fine with mysql logging, however:
bin/snort -D -d -l /usr/local/snort/log -h 206.XX.XX.XXX/24 -c 07272k.rules -------> doesnt' produce any results.

What am I doing wrong?  Thank you for your time and help.


