[Snort-users] Snort - Fatal Error

Harper, Patrick patrick.harper at ...11593...
Mon Jul 26 06:59:08 EDT 2004

Try logging on to mysql as the snort user and make sure it has access.
That might be your problem.  Go over the section that does the access
grants to the snort user again 

-----Original Message-----
From: Shankar [mailto:list at ...12177...] 
Sent: Monday, July 26, 2004 7:14 AM
To: prabu; Snort-Users
Subject: RE: [Snort-users] Snort - Fatal Error

On Monday, July 26, 2004 4:52 PM prabu wrote:
>To: Shankar; Snort-Users
>Subject: Re: [Snort-users] Snort - Fatal Error Hello Shankar,
>      First tell about your database configuration.I guess that u might
>not commented the (/etc/snort/snort.conf:453 line,since it is used for 
>enabling log alerts to syslog.U should comment this line,if u want to
>the databes loggging,since that line of the config file specifies to 
>alert the output of logs to syslog.

>if u r using databes logging ,then ur snort.conf should have line as, 
>for example,output database: log, mysql, dbname=snort user=root 
>host=localhost password=kovai

dear prabu,

Thx for the mail/help. My database configuration is as below output
database: log, mysql, user=snort password=mypassword dbname=snort
host=localhost i use user snort instead of root.

# mysql -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 26 to server version: 3.23.58

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> show databases;
| Database |
| mysql    |
| snort    |
| test     |
3 rows in set (0.00 sec)

mysql> use snort
Reading table information for completion of table and column names You
can turn off this feature to get a quicker startup with -A

Database changed
mysql> show tables;
| Tables_in_snort  |
| acid_ag          |
| acid_ag_alert    |
| acid_event       |
| acid_ip_cache    |
| data             |
| detail           |
| encoding         |
| event            |
| flags            |
| icmphdr          |
| iphdr            |
| opt              |
| protocols        |
| reference        |
| reference_system |
| schema           |
| sensor           |
| services         |
| sig_class        |
| sig_reference    |
| signature        |
| tcphdr           |
| udphdr           |
23 rows in set (0.00 sec)


If i comment the Output line and type #snort -c /etc/snort/snort.conf
then process hangs here and i dont get my # prompt back need to break
   --== Initialization Complete ==--

-*> Snort! <*-
Version 2.1.3 (Build 27)
By Martin Roesch (roesch at ...1935..., www.snort.org)

thx in advance for ur mail/help.


This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java
Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

This electronic message, including any attachments, is confidential and intended solely for use of the intended recipient(s). This message may contain information that is privileged or otherwise protected from disclosure by applicable law. Any unauthorized disclosure, dissemination, use or reproduction is strictly prohibited. If you have received this message in error, please delete it and notify the sender immediately. 

More information about the Snort-users mailing list