[Snort-users] What have I screwed up on this SQL call?

Jason Haar Jason.Haar at ...294...
Thu Apr 10 18:51:09 EDT 2003


Hi there

I'm trying to update logsnorter to handle snort 1.9 and I just can't figure
out why the likes of ACID  won't display the signature description.

e.g.

INSERT INTO sig_class VALUES (1,'misc-activity');
INSERT INTO signature VALUES (1,'ciscoacl-110/0->0',1,3,1,NULL);

All the acid_cache calls have got me totally lost as to what it's looking
for, but under ACID, the logsnorter results are showing up with their sig_id
as their name (i.e. "1") instead of the "ciscoacl-110/0->0" type entries.

I can't be bothered doing any of the reference table hooks - as there isn't
much point yet - but I'm wondering if that's the problem?

Any ideas - please? :-)

-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1




More information about the Snort-users mailing list