[Snort-users] snort - barnyard and acid

Russell Fulton r.fulton at ...3809...
Tue May 27 20:28:14 EDT 2003


Hi All,
	I am running Snort 2.0 with unified logging and using barnyard 0.1.0 to
send the logs to a mysql database on another machine.

I have verified that the data is being loaded into the mysql database:

 mysql> select count(*) from event;
+----------+
| count(*) |
+----------+
|     7712 |
+----------+

This query was done using the acid user login.

When I run acid (0.9.6b23) and set up the extra tables acid needs it
does not see any data. I have tried using the root account as well as
the acid account to access the snort data base but it makes no
difference.

I don't get any errors, just the statement that there are no events.

What makes this all the more frustrating is that the first time I set
this up it all worked flawlessly, then I deleted the snort database and
rebuilt it because it was full of test data and since then acid has been
unable to find any data.

Any suggestions ?

-- 
Russell Fulton, Network Security Officer, The University of Auckland,
New Zealand.





More information about the Snort-users mailing list