[Snort-users] logging to MySql....stumped

Chris Keladis chris at ...6400...
Tue Jul 22 06:11:02 EDT 2003


Scott Renna wrote:

> Would I have better luck dumping it to a PostgreSQL database?   I've
> noticed in Barnyard's output when it doesn't have anything it's picking
> up, entries are just shown as time 00:00:00.  I forget the date that it
> defaults to but it's definitely not the current one.

Yep, those are symptoms of this problem.

While the dates barnyard is inserting may be zero's, ACID could 
represent them differently (eg 00:00 as 12:00, etc), depending on how 
it's been written.

Anyway, i have not tested PostgreSQL, nor examined it's schema, so i 
couldn't say wether PostgreSQL would make a difference.

However, with Barnyard 0.1.0 and MySQL 3/4, the patch wuurked for me! :)


> I'm going to try this patch out and let you know on the results.

Cool. Would be good to get feedback.




Regards,

Chris.





More information about the Snort-users mailing list