[Snort-users] snort not logging to mysql
scattered at ...4621...
Wed Jan 23 11:26:09 EST 2002
(yes I read the FAQ)
I'm running snort-1.8.3 on a BSD/OS 4.x i383 machine.
A1: You did not set up the database plugin in your configuration file.
==>from my snort.conf:
output database: log, mysql, user=snort password=*** dbname=snort
A2: You are using an older database schema, and should update it by
running the create scripts from the /contrib directory.
==>I did this.
A3: You are using a command line option that overrides what you have in
your configuration file. This is most often -A or -s. NOTE: If you wish
to log to syslog as well, specify so in your configuration file rather
then the command line.
==>my command line options (will eventually want to run as a daemon):
/acu/snort/mysql/bin/snort -P 1514 -c /acu/snort/rules/snort.conf
A4: There is a problem with your database configuration itself.
Make sure the user you specify has the correct permissions, or that the
database is even up and running.
==>I've inserted tables, selected items from the table, and deleted tables
(none of the ones created by the create_mysql script). And mysql is
running, because I was able to to the creation and selects and inserts.
I even tried recompiling the program using these options (I'm using
./configure --with-mysql=/usr/contrib/lib/mysql --prefix=/acu/snort/mysql
But the output of the startup is:
database: compiled support for ( )
database: configured to use mysql
database: mysql support is not compiled in this copy
Check your configuration file to be sure you did not mis-spell "mysql".
If you did not, you will need to reconfigure and recompile ensuring that
you have set the correct options to the configure script. Type
"./configure --help" to see options for the configure script.
Fatal Error, Quitting..
Any help will be greatly appreciated.
PS - cc: please, as my subscribe message got stuck because of administriva
(I put subscribe in the subject and body :( )
More information about the Snort-users