[Snort-users] 1.7 and mysql problem

Mark W. Davis mwd at ...497...
Wed Jan 31 22:39:43 EST 2001

I do not get it... Using version 1.6.3 I have the following in my snort.conf file:

output log_syslog: xxxxx
output log_database: xxxx

I start snort with the -s switch. Everything works fine. I get snort output in
syslog and the db gets updated.

When using version 1.7, I have in snort.conf:

output log_syslog: LOG_ ...
output database: log, mysql, ...

I start snort with the -s switch on the command-line. I get snort output in
syslog but no db updates.

How does one get both?

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Jason Haar
Sent: Wednesday, January 31, 2001 4:36 PM
To: snort
Subject: Re: [Snort-users] 1.7 and mysql problem

On Wed, Jan 31, 2001 at 03:51:25PM -0800, Mark W. Davis wrote:
> RE: [Snort-users] 1.7 and mysql problemMy command line is:
> .../snort -c conf -d -D -i eth0 -t $DIR -u snortuser -g snortgroup -l . -s
> This works for 1.6.3; it logs to the db just fine. Doesn't work for 1.7. I get the
> command line... message with either version.

It's a more general problem. If you have syslog references in your
snort.conf file, and call "-s" on the command line - syslog logging is
disabled too...


Jason Haar

Unix/Special Projects, Trimble NZ
Phone: +64 3 9635 377 Fax: +64 3 9635 417

Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:

More information about the Snort-users mailing list