[Snort-users] 1.7 and mysql problem

Mark W. Davis mwd at ...497...
Wed Jan 31 18:51:25 EST 2001


RE: [Snort-users] 1.7 and mysql problemMy command line is:

.../snort -c conf -d -D -i eth0 -t $DIR -u snortuser -g snortgroup -l . -s

This works for 1.6.3; it logs to the db just fine. Doesn't work for 1.7. I get the
command line... message with either version.

m
  -----Original Message-----
  From: snort-users-admin at lists.sourceforge.net [mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Steve Halligan
  Sent: Wednesday, January 31, 2001 1:32 PM
  To: 'Scott A. McIntyre'; Snort Mailing List
  Subject: RE: [Snort-users] 1.7 and mysql problem


  You always want command line options to override anything in a conf file.  Start making rules or conf file settings that override
the commandline options and confusion will reign.  Much easier with the simple rule

  COMMANDLINE > CONF FILE

  > -----Original Message-----
  > From: Scott A. McIntyre [mailto:scott at ...1050...]
  > Sent: Wednesday, January 31, 2001 2:56 PM
  > To: Snort Mailing List
  > Subject: Re: [Snort-users] 1.7 and mysql problem
  >
  >
  >
  > > Another thing to watch out for: I wasn't seeing anything
  > > go to the DB, so I looked at syslog and snort was putting
  > > out a warning saying that the command line had overridden
  > > the db plugin line in the config file.
  > > I had the -A flag set. When I removed it, snort logged to
  > > the db fine.
  >
  > I got bit by this one too (only for a few hours) -- is there a way
  > around this, perhaps some type of ruletype specification?
  >
  > Scott
  >
  >
  > _______________________________________________
  > Snort-users mailing list
  > Snort-users at lists.sourceforge.net
  > Go to this URL to change user options or unsubscribe:
  > http://lists.sourceforge.net/lists/listinfo/snort-users
  >






More information about the Snort-users mailing list