[Snort-users] Re: Snort compiled w/MySQL?

Joerg Weber j.weber at ...8292...
Thu Oct 14 00:04:03 EDT 2004


Hi Larry,

you might want to use Barnyard to log to a remote SQL Server instead of
logging with snort directly.
To do so, you'd configure snort to log via unified log format (output
log_unified: filename snort.log, limit 128) and configure barnyard to
read that file for example via -f snort.log.
Barnyard is available at http://www.snort.org/dl/barnyard/

Good luck,

Joerg

On Wed, 2004-10-13 at 18:13, Larry Wichman wrote:
> Thanks for the responses. I copied the client libraries over manually
> and recompiled Snort with the path to them. It seems to be working
> now. 
> 
> Larry Wichman <larrywichman at ...131...> wrote: 
>         I want to have a snort box send alerts to a MySQL database on
>         another box. Do I still need to compile it usisng
>         "--with-mysql=/usr/local/mysql"? If so, does this mean that I
>         have to install MySQL on the Snort box even though it will be
>         sending alerts to another box?
>         
>         __________________________________________________
>         Do You Yahoo!?
>         Tired of spam? Yahoo! Mail has the best spam protection around
>         http://mail.yahoo.com 
>         
> 
> 
> 
> Cheers,
> 
> Lawrence A. Wichman
> 2719 W Thomas
> Apt 2
> Chicago
> Il, 60622
> 773.807.7606
> 
> 
> 
> ______________________________________________________________________
> Do you Yahoo!?
> Yahoo! Mail CNET Editors' Choice 2004. Tell them what you think. 
-- 
Joerg Weber M. A.
Network Security

infoServe GmbH
Nell-Breuning-Allee 6
D-66115 Saarbruecken

T: (0681) 8 80 08 - 59
F: (0681) 8 80 08 - 33
www.infos.de
E: j.weber at ...8292...





More information about the Snort-users mailing list