[Snort-users] Snort-1.9.0-win32.exe

Slighter, Tim tslighter at ...5174...
Mon Oct 21 14:29:06 EDT 2002


what does your output line for mysql have at the beginning ?  if it says
"output log" try changing this to "output alert" and restart snort and see
what happens.  Not for sure, but this might be a strange behavior pattern
with snort 1.9.0

-----Original Message-----
From: Tom Morgan [mailto:RTMorgan at ...7219...]
Sent: Monday, October 21, 2002 3:19 PM
To: 'Roman Danyliw'
Cc: 'snort-users at lists.sourceforge.net'
Subject: RE: [Snort-users] Snort-1.9.0-win32.exe


Hello,

I dropped the database, created a new snort database, ran create_mysql and
create_acid_tbls_mysql.  Copied a new snort.conf and put in the entries for
the mysql database.  

When I launch acid I get: 
Queried on : Mon October 21, 2002 16:10:38
Database: snort at ...274...    (schema version: 106) 
Time window: no alerts detected 

Yet I have new entries in the log file.  What did I miss?

Thanks,

Tom Morgan

-----Original Message-----
From: Roman Danyliw [mailto:roman at ...438...]
Sent: Friday, October 18, 2002 1:35 PM
To: Tom Morgan
Cc: 'snort-users at lists.sourceforge.net'
Subject: Re: [Snort-users] Snort-1.9.0-win32.exe


The latest version of the create_mysql script is always found the contrib
directory of the snort distribution.

Upgrade instructions from schema v105 to v106 are found in the Changelog.

Roman

On Fri, 18 Oct 2002, Tom Morgan wrote:

> Hello,
>
> I downloaded and installed Snort-1.9.0-win32.exe.  I need to find the
> create_mysql associated with 1.9.0.  I am getting the following error:
>
> database: mysql_error: Unknown column 'last_cid' in 'field list'
> database: schema version = 105
> database: The underlying database seems to be running an older version of
>           the DB schema (current version=105, required minimum version=
> 106).
>
>           If you have an existing database with events logged by a
previous
>           version of snort, this database must first be upgraded to the
> latest
>           schema (see the snort-users mailing list archive or DB plugin
>           documention for details).
>
>           If migrating old data is not desired, merely create a new
instance
>           of the snort database using the appropriate DB creation script
>           (e.g. create_mysql, create_postgresql, create_oracle,
> create_mssql)
>           located in the contrib\ directory.
>
>           See the database documentation for cursory details
> (doc/README.database).
>           and the URL to the most recent database plugin documentation.
> Fatal Error, Quitting..
>
> Where can a find a recent version of create_mysql?
>
> Thanks
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>


-------------------------------------------------------
This sf.net emial is sponsored by: Influence the future 
of  Java(TM) technology. Join the Java Community 
Process(SM) (JCP(SM)) program now. 
http://ad.doubleclick.net/clk;4699841;7576298;k?http://www.sun.com/javavote
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list