[Snort-users] log_tcpdump and db schema troubleshooting

jo cam jo.cam at ...6346...
Mon Sep 2 03:57:39 EDT 2002


Hello everybody,

I'm trying to install Snort sensors, the first on Linux,
the second on Win95. The first sensor is also running the MySQL DB.

I want to configure the Windows sensor to log alerts
locally in tcpdump format and also log alerts to the remote
MySQL DB.

When I set up the tcpdump output plugin, I get this
error: "log_tcpdump tcpdumpInitLogFile(): Invalid argument".

Without this plugin, Snort starts and on the screen I get
this message:
database: configured to use mysql
...........
database: schema version = 104
database: The database is using an older version of the dB schema
database: using the "alert" facility
1239 Snort rules read...
and so on.

My configuration is:

 Linux WS: Kernel 2.4.18 (MDK distrib 8.2)
 Snort 1.8.4
 MySQL 11.15 distrib 3.23.47

 Win WS: Win95 OSR 2
 WinPcap 2.3
 Snort 1.8.7

So what about the tcpdump output plugin and the DB schema?
Is it necessary to upgrade the DB schema on my Linux WS?
If yes, how can I recover the data?

Regards,

Jo
