[Snort-users] postgresql

Bryan Irvine bryan.irvine at ...9066...
Wed Jul 2 10:35:04 EDT 2003


I'm trying to do remote logging with a postgresql db.

I've configured postgres, and can log in remotely, all the tables ahve
been created (via the create_postgresql script), I can log in run sql
commands but can't figure out how to get snort to log to it.  I've tried

output database: alert, mysql, user=username dbname=snort host=hostname
output database: log, mysql, user=username dbname=snort host=hostname
output database: alert, mysql, user=username password=password \
dbname=snort host=hostname

The snort command I'm running is 

snort -i xl1 -A FULL -c /usr/local/share/snort/snort.conf -l
/var/www/htdocs/snort/xl1

I've tried without the -l option (thinking maybe it can't log to a
directory and db at the same time) but then I get an error that
/var/snortsomething doesn't exist.

Any ideas?  This seems like I'm so close...

--Bryan





More information about the Snort-users mailing list