[Snort-users] Snort 2.2.0 & ACID 0.9.6b23
Matthew K. Lee
mattl at ...12405...
Fri Sep 10 14:58:25 EDT 2004
output database: log, mysql, user=<username> password=<password>
(With the correct values for username and password, of course.)
The interesting this is that I'm actually getting information in the
snort.event, snort.data, snort.icmphdr, snort.tcphdr, etc. I am not
getting any records created in the acid tables, however.
I've tried dropping and recreating all the tables. I've tried dropping
and recreating the database. All with no luck.
From: Pedro Fortuna [mailto:pedro.fortuna at ...11827...]
Sent: Friday, September 10, 2004 1:43 PM
To: Matthew K. Lee
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Snort 2.2.0 & ACID 0.9.6b23
How's your "output database: " line in snort.conf ?
On Fri, 10 Sep 2004 10:01:28 -0500, Matthew K. Lee <mattl at ...12405...>
> Hello all,
> I'm running snort-2.2.0, mysql (with schema 106), and acid 0.9.6b23.
> I'm getting some of the alert information to show up in acid, but the
> actual alerts are not displayed. I've checked the database, and the
> information is being logged correctly. It seems as though the alert
> page is just not returning any rows. I wonder if there was a change
> the schema version that may have broken compatibility with ACID
> Has anyone else encountered this? If so, what did you do to resolve
> Matthew Lee
> This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
> Project Admins to receive an Apple iPod Mini FREE for your judgement
> who ports your project to Linux PPC the best. Sponsored by IBM.
> Deadline: Sept. 13. Go here: http://sf.net/ppc_contest.php
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
More information about the Snort-users