[Snort-users] MySQL Schema update from 106 to 107

Ian Masters ian at ...12163...
Wed Dec 17 19:17:04 EST 2008


I have some answers to my own questions for anyone who reads this and
might be interested.

> I've found some fixes to the db schema errors which updating from snort
> v2.3.2 to v2.8.3.1. It seems I have to run the following commands in mysql:
> 1. # ALTER TABLE signature ADD sig_gid INT UNSIGNED;
> 2. # INSERT INTO schema (vseq, ctime) VALUES ('107', now());
> 3. # DELETE FROM schema where vseq='106';

I actually used the following:
# /usr/bin/mysql						
mysql>	connect snort					
mysql>	ALTER TABLE signature ADD sig_gid INT UNSIGNED;				mysql>	DELETE
FROM `schema` WHERE vseq = '106';				mysql>	INSERT INTO `schema`  (vseq,
ctime) VALUES ('107', now());			
Then confirmed with:
mysql>	SELECT * FROM `schema`;		

> What I want to know is, if I do this, will my v2.3.2 snort installations
> be able to send alerts to the DB with schema 107 *before* I upgrade them?

After making the database amendments from schema 106 to 107 I was still
able to connect with my snort v2.3.2 machines.

Hope this is useful for someone.

Snort v2.3.2 on various *nix; ACID v0.9.6b23

More information about the Snort-users mailing list