[Snort-users] MySQL Logging ?
snort-bipsen at ...4712...
Mon Jan 28 10:56:06 EST 2002
I'm trying to get Snort up and running - more or less according to the
descriptions (HowTo) on the linuxdoc.org page... But I do not get any
logging in the MySQL database ...
The logging entry in snort.conf says:
output alert_syslog: LOG_AUTH LOG_ALERT LOG_PID
output database: log, mysql, dbname=snort host=localhost user=snortlog
The userid/pass etc for the SQL settings are correct, I am able to log in
using the mysql command at a shell prompt...
I get logging in /var/log/messages (when specifying -s option in
/etc/rc.d/init.d/snortd) - but nothing is loggend in the MySQL database in
the event table ?? Am I doing something wrong, or is it supposed to run like
Snort is started in the snortd file like:
daemon /usr/bin/snort -A full -s -d -D \
-i $INTERFACE -N -c /etc/snort/snort.conf
where interface for test purposes has been set to lo
More information about the Snort-users