[Snort-users] Snort + Acid w/ MySQL question(s)

Koaps koaps at ...1804...
Thu May 10 17:48:04 EDT 2001


I am having problems with Snort Logging to mysql too

Orginally I had Snort and MySQL on the same OpenBSD box, this caused MySQL
to crash, alot...

So I installed MySQL on a windows box, which also runs Snort Locally,


Amazingly the windows based Snort/MySQL/ACID works perfectly, and the
OpenBSD snort trying to log to MySQL on windows is failing to write
alerts...

just my two cents worth of crap....


L8rZ,

  )\_/(
 < o,0 >
    ~
   \ /

KoAps



----- Original Message -----
From: "alexus" <ml at ...1718...>
To: <roman at ...438...>
Cc: <snort-users at lists.sourceforge.net>
Sent: Thursday, May 10, 2001 2:26 PM
Subject: Re: [Snort-users] Snort + Acid w/ MySQL question(s)


mysql> select * from user where user='alexus';
+-----------+--------+------------------+-------------+-------------+-------
------+-------------+-------------+-----------+-------------+---------------
+--------------+-----------+------------+-----------------+------------+----
--------+
| Host      | User   | Password         | Select_priv | Insert_priv |
Update_priv | Delete_priv | Create_priv | Drop_priv | Reload_priv |
Shutdown_priv | Process_priv | File_priv | Grant_priv | References_priv |
Index_priv | Alter_priv |
+-----------+--------+------------------+-------------+-------------+-------
------+-------------+-------------+-----------+-------------+---------------
+--------------+-----------+------------+-----------------+------------+----
--------+
| localhost | alexus | 34484ed463a66850 | Y           | Y           | N
| Y           | N           | N         | N           | N             | N
| N         | N          | N               | N          | N          |
+-----------+--------+------------------+-------------+-------------+-------
------+-------------+-------------+-----------+-------------+---------------
+--------------+-----------+------------+-----------------+------------+----
--------+
1 row in set (0.00 sec)

mysql>


i copy and paste mysql output to show you that i do have all right
privileges

i also upgrade acid to 0.9.6b9 (which is latest beta for today)

it still doesn't work

----- Original Message -----
From: <roman at ...438...>
To: "alexus" <ml at ...1718...>
Cc: <snort-users at lists.sourceforge.net>
Sent: Thursday, May 10, 2001 11:18 AM
Subject: Re: [Snort-users] Snort + Acid w/ MySQL question(s)


> One observation:
>
> - ACID 0.9.5 does not use ADODB.  This DB abstraction was
> introduced in 0.9.6b2 (Jan 2001).  Hence, this addition into
> acid_conf.php will be ignored.
>
> Two recommendations:
>
> - are you sure that you have CREATE permissions on the DB
> user set in acid_conf.php?  If all else fails, try using the
> "create_acid_tbls_mysql.sql" to manually create the ACID
> tables.
>
> - upgrade to a more recent version of ACID => 0.9.6b9.  There
> are significant feature improvements as well as bug fixes.  If you
> prefer an older version, upgrade to at least 0.9.6b1 for it has
> a number of important bug fixes
>
> cheers,
> Roman
>
> > I'm using the following:
> >
> > FreeBSD 4.3 - RELEASE (STABLE)
> > ACID-0.9.5 - RELEASE (STABLE)
> > ADODB v1.0.1 - RELEASE (STABLE)
> > PHP - 4.0.5 - RELEASE (STABLE)
> > APACHE - 1.3.19 - RELEASE (STABLE)
> > SNORT - 1.7 - RELEASE (STABLE)
> >
> > to compile snort i used following line:
> > ../configure --with-mysql=/usr/local/mysql;make;make install
> >
> > i did change acid_conf.php i put path to adodb
> >
> > in adodb
> >
> > i put local path in adodb.inc.php
> >
> > when i go to http://localhost/acid it redirects me to acid_main.php and
when
> > it gets there i get this:
> >
> > The underlying database alexus at ...274... apears to be invalid.
> >
> > The database version is valid, but the ACID DB structure (table:
acid_ag) is
> > not present. Use the Setup page to configure and optimize the DB
> >
> > when i click on "Setup page"
> >
> > in status window i get "DONE" for "Search Indexes" and i have "Create
ACID
> > AG" for "ACID tables" i'm assuming i need to click on "Create ACID AG",
when
> > I do that nothing happenes, it won't disappear or it won't change status
to
> > "DONE".. what am i missing?
> >
> >
> >
> >
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or unsubscribe:
> > http://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
>
>
>
> ---------------------------------------------
> This message was sent using Voicenet WebMail.
>       http://www.voicenet.com/webmail/
>
>
>


_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users






More information about the Snort-users mailing list