[Snort-users] Snort doen't write to mysql

kaihansen kaihansen at ...7874...
Thu Jun 12 03:12:13 EDT 2003


Sorry, but I've always used this configuration (taken from 
snort.conf.distrib) and all has worked properly for an year.

In any case I've tried to change this line to alert instead of log, but 
it doesn't work anyway.

These lines comes from README.databases

[log | alert] - specify log or alert to connect the database
plugin to the log or alert facility. In most cases you will
likely want to use the log facility.



Guillaume Rix wrote:

> Try alert instead of log
> Mysql is used for alert, no for log
>
> kaihansen wrote:
>
>> Hi all.
>>
>> I've this little problem.
>>
>> I've updated from 1.9 to 2.0; before this operation, all work 
>> properly (snort + mysql + acid).
>>
>> Now snort start correctly, write alert on /var/log/snort/alert, acid 
>> go well on apache web server and I can see old alerts, but snort 
>> doesn't write new alerts to mysql database ....
>>
>> I've compiled it with option --wit-mysql, so when I start with this 
>> row in configuration
>>
>> output database: log, mysql, user=snort password=snort dbname=snort 
>> host=localhost
>>
>> no errors appear in log, but anything will be written to mysql 
>> database (I've also used script create_mysql).
>>
>> Bye, Daniele
>>
>>
>>
>> -------------------------------------------------------
>> This SF.NET email is sponsored by: eBay
>> Great deals on office technology -- on eBay now! Click here:
>> http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>
>






More information about the Snort-users mailing list