[Snort-users] snort IDS mode and mssql

Martin Roesch roesch at ...1935...
Mon Aug 2 20:27:46 EDT 2004

Hi Adam,

Try adding a "-l ." switch at the command line.  What alerting option 
are you using?  You might want to try something like the syslog or "-A 
none" switch if you aren't using the real-time alerting stuff.


On Jul 30, 2004, at 10:54 AM, Adam Maxwell wrote:

> Hi, I have just installed snort on a laptop running
> Windows 2003 Standard Server
> SQL 2000 SP3a
> Snort-2_2_0RC1
> I have created a database called snort with a username "snort" and 
> password "snort". I have created the database schema, and also created 
> a ODBC link to the database. The snort user has db_owner rights to the 
> database.
> When I use snort with the -c option i get an error saying can't write 
> to log directory, can someone tell me the correct settings in my 
> snort.conf file. This is what I have tried
> "output database: log, mssql, dbname=snort, user=snort, host=localhost 
> password=snort"
> The error I get is.
> ERROR: Can not write access to logging directory "log". (directory 
> doesn't exist or permissions are set incorrectly or it is not a 
> directory at all)
> Fatal Error, Quitting
>  **********************************************************
>  This e-mail, including attachments, is confidential and is
>  intended for view by the addressee only.
>  Any views, opinions and judgements expressed are
>  solely those of the author and may not reflect those
>  If you have received this message in error, or have
>  concerns about the use of this account, please
>  contact: postmaster at ...12205... .
>  For more information about The Elliott Group Ltd,
>  please visit the Web site at http://www.elliott-group.co.uk
>  This footnote also confirms that this e-mail message
>  has been swept by MIMEsweeper for the presence of
>  computer viruses.
>  **********************************************************
Martin Roesch - Founder/CTO, Sourcefire Inc. - (410)290-1616
Sourcefire: Intelligent Security Monitoring
roesch at ...1935... - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org

More information about the Snort-users mailing list