[Snort-users] loggin to mySQL

Grant Parkinson grantp at ...1936...
Sun Jun 17 20:53:02 EDT 2001


> This is how I have loggin setup in my snort.conf:
> ruletype log2mySQL
> {
>   type log
>   output database: log, mysql, user=snort dbname=snort host=localhost
> }

Blake, 

You will need to associate rule(s) with your custom actions. 

ex:  log2mysql tcp any any -> $HOME_NET any (flags: S; msg: "Inbound
Connection";)

--
Grant
 






More information about the Snort-users mailing list