[Snort-users] Logging to /var/log/snort/alert AND mysql?
ling at ...2002...
Wed May 9 16:52:00 EDT 2001
Hi, just looked over the FAQ & didn't see anything there.
With snort, I am running Guardian and another small script that mails me every
5 minutes if /var/log/snort/alert changes. I've been reading about ACID for
the last few weeks, and finally made the effort to install apache, mysql, php
Running like a charm, with:
output database: alert, mysql, user=www dbname=snort host=localhost
I never used to bother with an output plugin before, so of course, my output
went to /var/log/snort/alert (Linux 2.2.14). How can I still have that output
AND log to mysql/ACID?
/usr/local/bin/snort -de -D -i eth0 -c /etc/snort/snort.conf
:\ Chris Ling - Systems Analyst / Programmer /:
:| Components Division, CARIS / Fredericton, NB, Canada |:
:| ling at ...2002... | phone: (506)462-4212 |:
:/ Mind over matter; if you don't mind, it don't matter. \:
More information about the Snort-users