[Snort-users] Snort and ACID on separate systems?
erek at ...577...
Tue Jun 18 14:48:09 EDT 2002
On Tue, 18 Jun 2002, Djinn D'Angel wrote:
> I have been running Snort in my environment for quite some time and using
> Snortsnarf as a psudo-reporting mechanism. I want to move to using ACID for
> reports and database storage of alerts, but I also want to be able to have
> Snort and ACID running on separate systems. I have not been able to find
> any good documentation on implementing Snort and ACID in this way. Can
> someone make a suggestion where I might look?
Actaully, it's very simple.
On the DB output line, just change 'localhost' or 127.0.0.1 into the machine
you've got MySQL on. Make sure that snortuser at ...6131... has
access to the tables. That's about it--IIRC. :) Just don't put your MySQL
box in the DMZ. ;-)
More information about the Snort-users