[Snort-users] Snort and ARIS Extractor

Demetri Mouratis dmourati at ...3877...
Wed Oct 24 09:03:07 EDT 2001


I found this site the other day and registered with them as well.  I
uploaded my /var/log/snort/alert file to them and was able to check my
logs via the web site.  If you are logging only to mysql, you may need to
change your snort.conf to add an entry for regular (non-database) logging.
The snort faq coveres logging to multiple places.  Hope this helps.  

On Wed, 24 Oct 2001, Mike Walter wrote:

> Hello,
> 	I am sure someone has covered this, but I can't seem to find it.  I downloaded and registered with ARIS so I could upload my logs.  I am logging to mySQL, and thought I could just use the portscan.log with the ARIS extractor.  This does not seem to be the case.  How do I log snort to mySQL and to the proper file format so I could run the ARIS extractor?  Thanks in advance.
> 
> Mike Walter,
> 3z.net a PCD Company,
> PCD Network Solutions, Inc,
> "When Success the Only Solution  t h i n K  3z.net"
> www.pcdnet.net
> www.3z.net
> 
> 
> 
> 
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list
> 

---------------------------------------------------------------------
Demetri Mouratis
dmourati at ...3878...





More information about the Snort-users mailing list