[Snort-users] snort not logging to mysql database
Kretzer, Jason R (Big Sandy)
jason.kretzer at ...13486...
Fri Feb 17 06:00:13 EST 2006
I did, but I did not find one. I searched the archives and the closest
I found was,
And no one replied to this person either.
> -----Original Message-----
> From: Our World Is Here [mailto:info at ...2282...]
> Sent: Thursday, February 16, 2006 6:35 PM
> To: Kretzer, Jason R (Big Sandy)
> Subject: RE: [Snort-users] snort not logging to mysql database
> Other than that, this issue is hashed about 4-6 times a week
> on the list,
> try reviewing the archives for a solution.
> James Friesen, CIO
> Lucretia Enterprises
> "Our World Is Here..."
> Info at lucretia dot ca
> > -----Original Message-----
> > From: Kretzer, Jason R (Big Sandy) [mailto:jason.kretzer at ...13486...]
> > Sent: Monday, February 13, 2006 7:14 PM
> > To: snort-users at lists.sourceforge.net
> > Subject: [Snort-users] snort not logging to mysql database
> > Hey Gang,
> > First off here are my software versions:
> > FC4, BASE 1.2.2, PHP 5.0.4, Apache/2.0.54, Snort 2.4.3, MySQL 4.1.16
> > Having a bit of a problem that I cannot seem to find an
> > answer to yet and was wondering if someone could point me in
> > the right direction. I also followed the
> > Snort_and_BASE_on_CentOS_RHEL_or_Fedora.pdf to get this set
> > up. Everything is working except that snort is not logging
> > to the mysql database. I uncommented the appropriate line in
> > the snort.conf
> > output database: log, mysql, user=snort password=snort
> > dbname=snort host=localhost
> > Everything is running. The only thing that looks suspicious
> > are the two types of Notices in the Apache error_log
> > [client 127.0.0.1] PHP Notice: Undefined offset: 2 in
> > /var/www/html/base/includes/base_auth.inc.php on line 342
> > [client 127.0.0.1] PHP Notice: Undefined index: archive in
> > /var/www/html/base/base_main.php on line 75
> > No other errors in any log exist that I can tell. The
> > standard BASE https://127.0.0.1/base/base_main.php comes up
> > just fine but with no data(as in 0's and 0%'s for
> > everything). There is an alert file for snort as I nmapped
> > every machine I had to fill it up.
> > Ideas on other things I should check?
> > Thanks,
> > -Jason
> > -------------------------------------------------------
> > This SF.net email is sponsored by: Splunk Inc. Do you grep
> > through log files for problems? Stop! Download the new AJAX
> > search engine that makes searching your log files as easy as
> > surfing the web. DOWNLOAD SPLUNK!
> > http://sel.as-us.falkag.net/sel?cmd=k
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=ort-users
> avast! Antivirus <http://www.avast.com> : Outbound message clean.
> Virus Database (VPS): 0607-2, 02/16/2006
> Tested on: 2/16/2006 4:34:37 PM
> avast! - copyright (c) 1988-2005 ALWIL Software.
More information about the Snort-users