[Snort-users] Snort 1.9, RH 7.3 and Acid
erek at ...577...
Mon Oct 7 10:16:05 EDT 2002
On Mon, 7 Oct 2002, Slighter, Tim wrote:
> did you check the snort.conf file to ensure that on the output line it is
> using "alert" instead of "log" ? Also, you may have to start snort with the
> -o option to change the order for snort output.
The '-o' parameter has nothing to do with the DB. You could add it, remove it
and all data would still go into the DB.
Changing it from 'alert' to 'log' has nothing to do with the rules, it only
has to do with the output facility. Marty gives a nice breakdown of it in a
old message to the list.
Josh, take a look at the ACID Install doc. There's a section on 'How to
verify MySQL logging' that might be of some use.
More information about the Snort-users