[Snort-users] snort 126.96.36.199 not sending to mysql
swann at ...4020...
Wed Nov 29 16:51:00 EST 2006
I've been using snort 2.4 and decided to upgrade to 188.8.131.52. Though I
included the "--with-mysql" directive when running configure, snort
fails to send anything to my database. The output directive in the
snort.conf reads like "output database: log, mysql, user=dbsnort
When snort is started, it doesn't complain about any problems, starts
just fine, and adds alerts to the alert file. However, a tcpdump shows
that not a single packet is being sent to the database server. There
are no other output directives in my configuration file and the previous
snort sensor had almost the same exact configuration. Anyone have a
suggestion on what the problem could be?
I briefly had barnyard configured and was using the unified output.
Barnyard had no issues sending data to the database. I was having
issues with Base working correctly, but that is another issue. I
mention this to show that the database server is accepting data from the
server with no problems.
More information about the Snort-users