[Snort-users] MySql Question

Guillaume guillaume at ...4029...
Sun Nov 11 07:08:03 EST 2001

En réponse à olliecat <olliecat at ...1409...>:

> I am logging to mysql just fine and I would rather not log anywhere
> else.  How can I do this?  I also noticed, when starting from the
> command line, I must specify a log file path otherwise I get:
> "[!] ERROR: Can not get write access to logging directory
> "/var/log/snort".
> (directory doesn't exist or permissions are set incorrectly
> or it is not a directory at all)
> Fatal Error, Quitting.."
> Its right, there is no /var/log/snort because I want everything in the
> mysql database.  Am I missing something?
> Thanks.


I noticed quite the same thing: I only use MySQL to log alerts and all snort's
outputs, but snort seems to need some place on th:e filesystem (like
I also noticed that if, for a reason or antother, snort can not connect to the
MySQL DB anymore, it switches to filesystem logging, i.e. logging alerts in
/var/log/snort directory. I would prefer when using MySQL for logging that snort
just stops logging instead... or, better, be able to use a backup MySQL server.


Sent with HORDE/IMP

More information about the Snort-users mailing list