[Snort-users] Snort Mysql Acid Combo

Martin Olsson elof at ...6680...
Wed Feb 4 02:25:23 EST 2004


On Wed, 4 Feb 2004, Sam Osuala wrote:
> 1] Redhat Linux 9.2
> 2] Snort 2.0.6
> 3] Mysql 4.0.17
> 4] Acid 0.9.6
> 5] php 4.3.4
> 6] zlib-1.1.4
> 7] libpcap-0.7.2
> 8] Apache 2.0.48 (not the one that came with the Linux)
> 9] jgraph 1.14
> 10] adodb 405
> These are all installed in the Linux box above. The issue is that the mysql is not getting any logs in the database. If I start my snort with "snort -dvC" I get the alerts on the screen. What could be the problem? Do I have to keep the components in different machines?

First run snort in selftest mode (-T) to see if you get any clues there.
You should see a section like this:
database: compiled support for ( mysql )
database: configured to use mysql
database:          user = foo
database: password is set
database: database name = gazonk
database:          host = 10.20.30.40
database:   sensor name = bar
database:     sensor id = 1
database: schema version = 106
database: using the "log" facility

/Martin
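
The check described in the reply above, as an added example that is not part of the original post: a shell function that reads self-test output and reports whether the database section is present and consistent. The line patterns come from the output quoted in the reply; the function name, the sample inputs and the config path in the comment are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Reads Snort self-test output on
# stdin and reports on the "database:" section that the reply says to look for.

# Constructed sample: the database section as quoted in the reply.
SAMPLE_OK='database: compiled support for ( mysql )
database: configured to use mysql
database:          user = foo
database: password is set
database: database name = gazonk
database:          host = 10.20.30.40
database:   sensor name = bar
database:     sensor id = 1
database: schema version = 106
database: using the "log" facility'

# Constructed sample: self-test output that contains no database lines.
SAMPLE_NONE='(constructed) startup output with no output plugin section'

# Constructed sample: configured type is missing from the compiled-in list.
SAMPLE_MISMATCH='database: compiled support for ( mysql )
database: configured to use postgresql'

check_db_selftest() {
    # Keep only the lines printed by the database output plugin.
    db=$(grep '^database:' || true)
    if [ -z "$db" ]; then
        echo "no-database-section"
        return 1
    fi
    compiled=$(printf '%s\n' "$db" | sed -n 's/^database: compiled support for (\(.*\))$/\1/p')
    configured=$(printf '%s\n' "$db" | sed -n 's/^database: configured to use *//p')
    facility=$(printf '%s\n' "$db" | sed -n 's/^database: using the "\(.*\)" facility$/\1/p')
    if [ -z "$configured" ]; then
        echo "not-configured"
        return 1
    fi
    # The configured type must appear in the compiled-in list.
    case " $compiled " in
        *" $configured "*) ;;
        *) echo "type-not-compiled-in:$configured"; return 1 ;;
    esac
    echo "ok type=$configured facility=$facility"
}

# Demo on the constructed sample. Against a live sensor (config path is an assumption):
#   snort -T -c /etc/snort/snort.conf 2>&1 | check_db_selftest
printf '%s\n' "$SAMPLE_OK" | check_db_selftest
```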




