[Snort-users] Logging Snort to remote mySQL DB
chad131 at ...131...
Mon Apr 2 11:04:38 EDT 2001
I have Snort 1.7 logging to MySQL and ACID working just fine on 1
sensor (RedHat 7). I have other snort sensors on the network and
currently I'm using snarf to view the logs. I would like to switch
these over to log to MySQL over the network.
I am getting errors compiling Snort using the --with-mysql option.
Is it necessary to have MySQL installed on every box or is there a
work around?? I would like to create all the sensors with OpenBSD
and snort (trying to avoid installing mysql everywhere).
Thanks in advance,
P.S. Does anyone have any stats as to the size of MySQL with regards
to number of alerts in a DB?? Also, is there a bandwith concern
logging directly to MySQL over a network?
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
More information about the Snort-users