[Snort-users] Re: Snort compiled w/MySQL?
j.weber at ...8292...
Thu Oct 14 00:04:03 EDT 2004
you might want to use Barnyard to log to a remote SQL Server instead of
logging with snort directly.
To do so, you'd configure snort to log via unified log format (output
log_unified: filename snort.log, limit 128) and configure barnyard to
read that file for example via -f snort.log.
Barnyard is available at http://www.snort.org/dl/barnyard/
On Wed, 2004-10-13 at 18:13, Larry Wichman wrote:
> Thanks for the responses. I copied the client libraries over manually
> and recompiled Snort with the path to them. It seems to be working
> Larry Wichman <larrywichman at ...131...> wrote:
> I want to have a snort box send alerts to a MySQL database on
> another box. Do I still need to compile it usisng
> "--with-mysql=/usr/local/mysql"? If so, does this mean that I
> have to install MySQL on the Snort box even though it will be
> sending alerts to another box?
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> Lawrence A. Wichman
> 2719 W Thomas
> Apt 2
> Il, 60622
> Do you Yahoo!?
> Yahoo! Mail CNET Editors' Choice 2004. Tell them what you think.
Joerg Weber M. A.
T: (0681) 8 80 08 - 59
F: (0681) 8 80 08 - 33
E: j.weber at ...8292...
More information about the Snort-users