[Snort-users] Enabling output log_database option in the new rules file...

Jed Pickel jed at ...153...
Fri Aug 11 16:35:28 EDT 2000


Hey there "HE4TO",

> It's me with my simple questions....
> How would I enable logging to a database in a new rules file?  I 
> understand that snort-lib is the default rules file.  
...
> I tried adding the line: output log_database: mysql, dbname=snort
> user=snort host=localhost to the 07272k.rules file, but
> nothing happens.  It works just fine with snort-lib. This is the
> command line I use:

Hmm... The snort-lib does not currently even have a line for the
database plugin. It does have a commented out line for
"log_postgresql" which is the old outdated version. Take a look at the
following URL for detailed instructions on how to set this up.

   http://www.incident.org/snortdb

* Jed




More information about the Snort-users mailing list