[Snort-users] log into postgresql

Mark Forsyth forsythm at ...1704...
Sun Oct 21 19:17:25 EDT 2001


Once you've created the databse you need to create the metadata. You should 
have a script called create_postgres or similar. If you have 
snort-1.8.1-RELEASE you'll find it in the contrib directory. You also 
should have a file named README.database which details the steps to take to 
get the database created with all the tables, etc.

Ooroo
Mark F...


On Monday, October 22, 2001 3:21 AM, mysiar at ...3879... [SMTP:mysiar at ...3879...] 
wrote:
> hi
> I'm brand new to snort, just finished compilation. :-)
> I tried to run it with logging into postgresql but with no luck
> I creted user called snort for postgres using:
> createuser
> and I also created db for this user:
> createdb snort -U snort
> I have this database beasue when I run pgsql snort
> and \l results are:
>
>   List of databases
>  Database  |  Owner
> -----------+----------
>  snort     | snort
>  template0 | postgres
>  template1 | postgres
> (3 rows)
>
>
> results from running snort are
> Initializing Network Interface eth0
> using config file /etc/snort.conf
> Initializing Preprocessors!
> Initializing Plug-ins!
> Initializating Output Plugins!
> Parsing Rules file /etc/snort.conf
>
> +++++++++++++++++++++++++++++++++++++++++++++++++++
> Initializing rule chains...
> No arguments to frag2 directive, setting defaults to:
>     Fragment timeout: 60 seconds
>     Fragment memory cap: 4194304 bytes
> Stream4 config:
>     Stateful inspection: ACTIVE
>     Session statistics: INACTIVE
>     Session timeout: 30 seconds
>     Session memory cap: 8388608 bytes
>     State alerts: INACTIVE
>     Scan alerts: ACTIVE
> No arguments to stream4_reassemble, setting defaults:
>      Reassemble client: ACTIVE
>      Reassemble server: INACTIVE
>      Reassemble ports: 21 23 25 53 80 143 110 111 513
>      Reassembly alerts: ACTIVE
> Back Orifice detection brute force: DISABLED
> Using LOCAL time
> database: compiled support for ( postgresql )
> database: configured to use postgresql
> database:          user = snort
> database: database name = snort
> database:   sensor name = 192.168.0.3
> database: postgresql_error: ERROR:  Relation 'sensor' does not exist
>
> database: postgresql_error: ERROR:  Relation 'sensor' does not exist
>
> database: postgresql_error: ERROR:  Relation 'sensor' does not exist
>
> database: Problem obtaining SENSOR ID (sid) from
> postgresql->snort->sensor
>
>  When this plugin starts, a SELECT query is run to find the sensor id
> for the
>  currently running sensor. If the sensor id is not found, the plugin
> will run
>  an INSERT query to insert the proper data and generate a new sensor id.
> Then a
>  SELECT query is run to get the newly allocated sensor id. If that fails
> then
>  this error message is generated.
>
>  Some possible causes for this error are:
>  * the user does not have proper INSERT or SELECT privileges
>  * the sensor table does not exist
>
>  If you are _absolutly_ certain that you have the proper privileges set
> and
>  that your database structure is built properly please let me know if
> you
>  continue to get this error. You can contact me at (jed at ...153...).
>
> Fatal Error, Quitting..
>
>
> Regards
> Piotr
>
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list