[Snort-users] SNORT WON'T LOG ANYTHING IN MYSQL

alexus ml at ...1718...
Mon Apr 9 18:17:17 EDT 2001


no .. that i didn't do...

where were i supposte to change alert to redalert?

----- Original Message -----
From: "Joe McAlerney" <joey at ...47...>
To: "alexus" <ml at ...1718...>
Cc: <snort-users at lists.sourceforge.net>
Sent: Monday, April 09, 2001 5:45 PM
Subject: Re: [Snort-users] SNORT WON'T LOG ANYTHING IN MYSQL


> Did you change your snort rule actions to type "redalert" instead of
> "alert"?
>
> redalert tcp any any -> any any (msg:"Hi, I was set off by a redalert
> rule";)
>
> Hope this helps,
>
> -Joe M.
>
> --
> |   Joe McAlerney     joey at ...155...   |
> | Silicon Defense - Technical Support for Snort |
> |       http://www.silicondefense.com/          |
> +--                                           --+
>
> alexus wrote:
> >
> > my snort won't log anything in log
> >
> > part of my snort.conf
> >
> > ruletype redalert
> > {
> >   type alert
> >   output alert_syslog: LOG_AUTH LOG_ALERT
> >   output database: log, mysql, user=xxx dbname=xxx host=xxx
password=xxxx
> > }
> >
> > what am i missing?
> >
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or unsubscribe:
> > http://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
>





More information about the Snort-users mailing list