[Snort-users] portscans and ACID
omckenzi at ...4479...
Thu Mar 21 21:07:03 EST 2002
you don't need the first output statement
----- Original Message -----
From: Mike Macias
To: snort-users at lists.sourceforge.net
Sent: Tuesday, March 19, 2002 3:58 PM
Subject: [Snort-users] portscans and ACID
I've been looking through the snort users archive and found plenty of documentation on how to get ACID to see portscans. I've finally got things working, however I'm a little concerned about my solution. In snort.conf I have 2 output plugins specified:
output database: log, mysql, user=snort password=abcdef dbname=snort_db host=localhost
output database: alert, mysql, user=snort password=abcdef dbname=snort_db host=localhost (so that ACID can see portscans)
Will having 2 outputs specified adversely affect any data in the MySQL db?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users