[Snort-users] Snort and MySQL

James Riden j.riden at ...11179...
Tue Feb 8 18:27:57 EST 2005


sEc nErD <umkcguy1978 at ...131...> writes:

> ok below are the details of whtz up with my snort...it
> is having all alerts in /var/log/snort/alert file
>
> but just that nothing in mysql database.one thing
> happened was mysql was not running ,then i started
> mysqld from init.d  
>
> since i started it aftre i was running snort..do i
> need to stop and restart snort??so that it connects to
> the database
>
> if yes what would be the command for that!!

Would probably help:

/etc/init.d/snort restart

Then do a 'tail /var/log/daemon.log' to check it started OK.

> output from /var/log/messages
> Feb  8 14:49:48 localhost sshd(pam_unix)[3049]:
> session opened for user root by (uid=0)
> Feb  8 15:15:30 localhost mysqld: Starting MySQL: 
> succeeded

Look in /var/log/daemon.log instead for the snort startup (it's a
Debian thing).

cheers,
 Jamie
-- 
James Riden / j.riden at ...11179... / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/






More information about the Snort-users mailing list