[Snort-users] Snort and MySQL

Joel Esler jesler at ...1935...
Fri Sep 21 14:57:52 EDT 2012


http://blog.snort.org/2011/06/snorts-output-methods.html

--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire

On Sep 21, 2012, at 2:47 PM, Jeremy Hoel <jthoel at ...11827...> wrote:

> The reason behind it was, as i can best summarize, is that snort is a
> IDS/IPS and it's job is to generate alerts as quick as possible.  So
> snort outputs to unified and syslog and that's about it.  Then you use
> other tools to take the unified files and send them somewhere.  this
> allows snort to work faster and focus on it's one task vs worring
> about DB connections, etc.
> 
> 
> 
> On Fri, Sep 21, 2012 at 4:43 PM, PR <oly562 at ...11827...> wrote:
>> whose bright idea what that by the way? reasons??? due to daq? just
>> curious. thanks, it helps me understand things more
>> 
>> On Fri, 2012-09-21 at 08:12 -0400, Jack wrote:
>>> Snort can not output directly to mysql anymore, It is required to use
>>> Barnyard2 in order to use mysql databases with snort now.
>>> 
>>> On Fri, Sep 21, 2012 at 7:20 AM, Joao Daniel Neves
>>> <joaodanielnevesss at ...125...> wrote:
>>>> 
>>>> Hi,
>>>> 
>>>> I instaled MySQL via RPM at Centos 5.5.
>>>> 
>>>> [root at ...780... ]# rpm -qa | grep mysql
>>>> mysql-5.0.77-4.el5_6.6
>>>> 
>>>> It is a x86 package. My OS is x86_64
>>>> 
>>>> I have compiled the snort's dependencies for my system since that there
>>>> aren't official RPM packages. I ran ldconfig.
>>>> 
>>>> Then I finally tried to install snort.
>>>> 
>>>> ./configure --with-mysql
>>>> A lot of output cuted
>>>> configure: WARNING: unrecognized options: --with-mysql
>>>> 
>>>> My question: How to compile Snort to use MySQL?
>>>> 
>>>> 
>>>> ------------------------------------------------------------------------------
>>>> Got visibility?
>>>> Most devs has no idea what their production app looks like.
>>>> Find out how fast your code is with AppDynamics Lite.
>>>> http://ad.doubleclick.net/clk;262219671;13503038;y?
>>>> http://info.appdynamics.com/FreeJavaPerformanceDownload.html
>>>> _______________________________________________
>>>> Snort-users mailing list
>>>> Snort-users at lists.sourceforge.net
>>>> Go to this URL to change user options or unsubscribe:
>>>> https://lists.sourceforge.net/lists/listinfo/snort-users
>>>> Snort-users list archive:
>>>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>>> 
>>>> Please visit http://blog.snort.org to stay current on all the latest Snort
>>>> news!
>>> 
>>> 
>>> 
>> 
>> 
>> ------------------------------------------------------------------------------
>> Got visibility?
>> Most devs has no idea what their production app looks like.
>> Find out how fast your code is with AppDynamics Lite.
>> http://ad.doubleclick.net/clk;262219671;13503038;y?
>> http://info.appdynamics.com/FreeJavaPerformanceDownload.html
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>> 
>> Please visit http://blog.snort.org to stay current on all the latest Snort news!
> 
> ------------------------------------------------------------------------------
> Got visibility?
> Most devs has no idea what their production app looks like.
> Find out how fast your code is with AppDynamics Lite.
> http://ad.doubleclick.net/clk;262219671;13503038;y?
> http://info.appdynamics.com/FreeJavaPerformanceDownload.html
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 
> Please visit http://blog.snort.org to stay current on all the latest Snort news!





More information about the Snort-users mailing list