[Snort-users] snort not logging to MySQL
twr at ...163...
Sun Sep 8 19:05:02 EDT 2002
For the sake of learning and curiosity I have re-installed snort 1.8.7 with its dependencies, ( MySQL-client and MySQL-devel ) on one box and the ACID, SQL and Apache in another ... same set up I use with 1.8.6. Which by the way, ran fine.
After configuring everything and making sure that the sensors came up in stealth and promiscuous mode and that I was able to connect to the database....I would run a test with Nmap to make sure everything is working and .... no logging to the database, even though I can connect to it.
I have checked the configuration of the snort.conf file to make sure that it points to the database and no problem there, I checked to make sure that snort is indeed capturing packets and no problem there. I also checked the acid_conf.php files to make sure that they are configured correctly and no problems there. Like I said, I can connect to the database with snort. It just doesn't log anything to the MySQL/ACID alert database.
I have checked the permissions for the MySQL database and the alert database and no problems there either.
I have looked high and low for some answers to no avail....any suggestions...or...should I just start over again?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users