[Snort-users] acid empty but mysql working
dirk at ...10648...
Wed Jul 7 13:39:01 EDT 2004
> and barnyard.conf configured as follows:
> config hostname: localhost
> config interface: eth1
> output alert_acid_db: mysql, sensor_id 1, database snort, server
> ids2.ops.domain.com , user snort, password snort
> output log_acid_db: mysql, sensor_id 1, database snort, server
> ids2.domain.pirtgroup.com , user snort, password snort , detail full
> data appears in the db in almost all tables but _NOTHING_ is showing
> up in ACID. Also the sensor table is empty, and the acid_* tables are
> empty, isnt that supposed to be populated by barnyard?
> anybody know why acid wont view all the data that exists in my DB?
I guess the problem results from the missing sensor table entry.
If you mention a sensor_id greater zero in output alert_acid_db
then barnyard will use this id without checking if it exists.
So at first remove either this part or set: sensor_id 0
BTW: A hostname of localhost is a bad sensor name...
More information about the Snort-users