[Snort-users] Can you make snort work with mysql after first installing snort?
wkitty42 at ...14940...
Thu Apr 24 20:43:02 EDT 2014
On 4/24/2014 3:01 PM, Steve Crow wrote:
> Hi, I installed snort; now I would like to increase its usefulness by using some
> reporting tools. It seems mysql is needed. Can snort be made to work with mysql
> via configuration, or does it have to be re-configured and go through make and
> make install again?
you only need to install the other tools and ensure that they can find your
snort's unified2 output file which you need to configure in your snort.conf...
those tools, like barnyard2, will take the data from the U2 (unified2) log file
and insert them into the database... whatever database you choose to use and
that they support...
also, please remember to start your own thread/topic by using the "write new
message" option instead of replying to someone else's thread/topic... this way,
you don't hijack their discussion and it makes it easier for others to see your
discussion... some of us will block/filter/ignore certain topics after a certain
time and if you try to tag along on that topic, your posts will be missed...
NOTE: No off-list assistance is given without prior approval.
Please keep mailing list traffic on the list unless
private contact is specifically requested and granted.
More information about the Snort-users