[Snort-users] MySQL Logging ?

Brian Ipsen snort-bipsen at ...4712...
Mon Jan 28 10:56:06 EST 2002


I'm trying to get Snort up and running - more or less according to the 
descriptions (HowTo) on the linuxdoc.org page... But I do not get any 
logging in the MySQL database ... 

The logging entry in snort.conf says: 

output alert_syslog: LOG_AUTH LOG_ALERT LOG_PID
output database: log, mysql, dbname=snort host=localhost user=snortlog 
password=xxxxx sensor_name=mysensor 

The userid/pass etc for the SQL settings are correct, I am able to log in 
using the mysql command at a shell prompt...
I get logging in /var/log/messages (when specifying -s option in 
/etc/rc.d/init.d/snortd) - but nothing is loggend in the MySQL database in 
the event table ?? Am I doing something wrong, or is it supposed to run like 
this ? 

Snort is started in the snortd file like: 

daemon /usr/bin/snort -A full -s -d -D \
               -i $INTERFACE -N -c /etc/snort/snort.conf 

where interface for test purposes has been set to lo 



More information about the Snort-users mailing list