[Snort-users] Migrating from 1.8.6 to 1.9.0 and updating the MySQL-DB scheme, any docs outthere?

Edin Dizdarevic edin.dizdarevic at ...5862...
Thu Oct 10 18:14:03 EDT 2002


Thank you Gene!

This issue seems forgotten in the docs. However, is everybody setting
up Snort completely from the scratch or what? Is there any fact against
continuing to use the "old" DB? It may be, that not many are updating...


Best regards,


Edin_



Gene Gomez wrote:
> Yeah, seriously, I upgraded last night when I downloaded a copy of the new
> snortrules.tar.gz from the web site and found that they needed 1.9.0 to run.
> The db schema update from 1.05 to 1.06 was the biggest issue, mostly because
> I couldn't find any documentation on how to upgrade manually.
> After reading the db plugin documentation and noting what had changed in the
> schema, I decided to read the create_mysql database creation script to
> figure out what the new field (sensor.last_cid, I think) was supposed to
> look like in the database and I manually updated the table, then updated the
> schema.vseq in the same way.  Later on I found this in the ChangeLog:
> 
> 2002-09-03  Roman Danyliw <roman at ...438...>
> 
>        * src/output-plugin/spo_database.c
> 
>          - DB schema v106
>          - Added the sensor.last_cid field to the schema so the
>            database can store the last used cid for a given sensor.
>            This field will ensure that a cid will never be reused.
> 
>            Upgrading from v105 -> v106 is as simple as:
> 
>            mysql> ALTER TABLE sensor ADD last_cid INT UNSIGNED NOT NULL;
>            mysql> UPDATE schema SET vseq=106;
> 
>             psql> ALTER TABLE sensor ADD last_cid INT8;
>             psql> UPDATE schema SET vseq=106;
> 
>          - Improved error messages
> 
> I would have LOVED to have seen this in the db plugin documentation instead
> of hidden in the ChangeLog.  :)
> What the heck is sensor.last_cid used for anyway?  There's some funky number
> in there that I don't recognize attached to sensor 1 (my only sensor).
> 
> Gene
> 
> -----Original Message-----
> From: snort-users-admin at lists.sourceforge.net
> [mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Edin
> Dizdarevic
> Sent: Thursday, October 10, 2002 2:42 AM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] Migrating from 1.8.6 to 1.9.0 and updating the
> MySQL-DB scheme, any docs outthere?
> 
> 
> 
> 
> Hello,
> 
> see the subject ;).
> 
> I couldn't find anything in the docs dir...
> 
> 
> Greetings,
> 
> Edin_
> 

-- 
Edin Dizdarevic





More information about the Snort-users mailing list