Thu Nov 29 00:50:06 EST 2001

Morning Neil,
> Sorry if this is elementary/been asked before (I had a search
> but found =
> nothing on it).
> I'm compiling snort on Solaris and I want to direct the
> alerts (via the =
> snort.conf file) to a remote mysql database on a Win98 machine.
> I see that I need to include the option '--with-mysql=3DDIR' at the =
> configure stage, but I'm not sure what to do about the 'DIR'
> bit here, =
> as the database won't be local.

The optin --with-mysql is used to set the path to the mysql header files for
compilation. You could try to use the option without any directory (this has
worked on linux for me) or set it to the directory where mysql.h resides in
(e.g. /usr/include/mysql on linux). Of course the mysql development package has
to be installed ;)

This has to be done regardless where the database resides, either local or

> Is it possible to specify the remote mysql database at this
> stage,

No this is done via snort.conf.

> or is =
> there some way to compile with mysql support added, so I can
> redirect =
> the output with the conf file later?

Yep, take a look on the example snort.conf shiped with the snort package.


