[Snort-users] loggin to mySQL
guillaume at ...1168...
Mon Jun 18 01:42:35 EDT 2001
Blake Frantz wrote:
> I'm having a problem getting snort to log to mySQL. Everything is being
> logged to /var/log/snort. Below are the details, any help is appreciated.
> This is how I have loggin setup in my snort.conf:
> ruletype log2mySQL
> type log
> output database: log, mysql, user=snort dbname=snort host=localhost
Check your rules : do you use "log2mySQL" facility instead of "alert" or "log" ?
"alert tcp $EXTERNAL_NET any -> $HOME_NET 21 ....."
Should be :
"log2mySQL tcp $EXTERNAL_NET any -> $HOME_NET 21 ....."
More information about the Snort-users