[Snort-users] snort not logging to mysql database

Kretzer, Jason R (Big Sandy) jason.kretzer at ...13486...
Fri Feb 17 06:00:13 EST 2006


I did, but I did not find one.  I searched the archives and the closest
I found was,

http://sourceforge.net/mailarchive/message.php?msg_id=2075220

And no one replied to this person either.

-Jason
 

> -----Original Message-----
> From: Our World Is Here [mailto:info at ...2282...] 
> Sent: Thursday, February 16, 2006 6:35 PM
> To: Kretzer, Jason R (Big Sandy)
> Subject: RE: [Snort-users] snort not logging to mysql database
> 
> Other than that, this issue is hashed about 4-6 times a week 
> on the list,
> try reviewing the archives for a solution.
> 
> Cheers,
> 
> James Friesen, CIO
> 
> Lucretia Enterprises
> "Our World Is Here..."
> Info at lucretia dot ca
> http://lucretia.ca
> 
> 
> > -----Original Message-----
> > From: Kretzer, Jason R (Big Sandy) [mailto:jason.kretzer at ...13486...]
> > Sent: Monday, February 13, 2006 7:14 PM
> > To: snort-users at lists.sourceforge.net
> > Subject: [Snort-users] snort not logging to mysql database
> >
> >
> > Hey Gang,
> >
> > First off here are my software versions:
> > FC4, BASE 1.2.2, PHP 5.0.4, Apache/2.0.54, Snort 2.4.3, MySQL 4.1.16
> >
> > Having a bit of a problem that I cannot seem to find an
> > answer to yet and was wondering if someone could point me in
> > the right direction.  I also followed the
> > Snort_and_BASE_on_CentOS_RHEL_or_Fedora.pdf to get this set
> > up.  Everything is working except that snort is not logging
> > to the mysql database.  I uncommented the appropriate line in
> > the snort.conf
> >
> > output database: log, mysql, user=snort password=snort
> > dbname=snort host=localhost
> >
> > Everything is running.  The only thing that looks suspicious
> > are the two types of Notices in the Apache error_log
> >
> > [client 127.0.0.1] PHP Notice:  Undefined offset:  2 in
> > /var/www/html/base/includes/base_auth.inc.php on line 342
> > [client 127.0.0.1] PHP Notice:  Undefined index:  archive in
> > /var/www/html/base/base_main.php on line 75
> >
> > No other errors in any log exist that I can tell.  The
> > standard BASE https://127.0.0.1/base/base_main.php comes up
> > just fine but with no data(as in 0's and 0%'s for
> > everything).  There is an alert file for snort as I nmapped
> > every machine I had to fill it up.
> >
> > Ideas on other things I should check?
> >
> > Thanks,
> >
> > -Jason
> >
> >
> > -------------------------------------------------------
> > This SF.net email is sponsored by: Splunk Inc. Do you grep
> > through log files for problems?  Stop!  Download the new AJAX
> > search engine that makes searching your log files as easy as
> > surfing the  web.  DOWNLOAD SPLUNK!
> > http://sel.as-us.falkag.net/sel?cmd=k
> <http://sel.as-us.falkag.net/sel?cmd=k&kid> 
> &kid3432&bid#0486&dat1642
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=ort-users
> >
> >
> 
> 
> 
>   _____
> 
> avast! Antivirus <http://www.avast.com> : Outbound message clean.
> 
> 
> Virus Database (VPS): 0607-2, 02/16/2006
> Tested on: 2/16/2006 4:34:37 PM
> avast! - copyright (c) 1988-2005 ALWIL Software.
> 
> 
> 
> 
> 




More information about the Snort-users mailing list