[Snort-users] Snort My SQL DB

Arun Saini mailarunsaini at ...11827...
Fri Jun 24 00:37:18 EDT 2016


Hi Team,

Please update on my issue I am facing...??




Arun Saini
about.me/arun.saini <http://about.me/arun.saini>

*Mobile: +91-9890738762*

*in.linkedin.com/in/mailarunsaini <http://in.linkedin.com/in/mailarunsaini>*

On 23 June 2016 at 22:05, Arun Saini <mailarunsaini at ...11827...> wrote:

> Hi,
> Please guide why some packets are not going into acid_event?
> Already shared screen shots!!!
>
> Sincerely,
>
> Arun Saini
> http://about.me/arun.saini
> Mobile :+91-9890738762
>
>
> On 23 Jun 2016 9:43 pm, "Joel Esler (jesler)" <jesler at ...589...> wrote:
>
>> Yes, you need that table. It’s required by BASE.
>>
>>
>> --
>> *Joel Esler*
>> Manager, Talos Group
>>
>>
>>
>>
>> On Jun 23, 2016, at 6:37 AM, Arun Saini <mailarunsaini at ...11827...> wrote:
>>
>> Hi,
>>
>> We are using Barnyard2 version 2.1.13 <build 327> and attached error
>> screen shot for information,
>>
>>  snort version 2.9.5.5 GRE [build 205]
>> libpcap version 1.3.0
>> PCRE 8.30 2012-02-04
>> Zlib 1.2.7
>>
>> MySQL snort database tables,
>>
>> mysql> show tables;
>> +------------------+
>> | Tables_in_snort  |
>> +------------------+
>> | acid_ag          |
>> | acid_ag_alert    |
>> | acid_event       |
>> | acid_ip_cache    |
>> | base_roles       |
>> | base_users       |
>> | data             |
>> | detail           |
>> | encoding         |
>> | event            |
>> | icmphdr          |
>> | iphdr            |
>> | opt              |
>> | reference        |
>> | reference_system |
>> | schema           |
>> | sensor           |
>> | sig_class        |
>> | sig_reference    |
>> | signature        |
>> | tcphdr           |
>> | udphdr           |
>> +------------------+
>> Do we need the acid_event table in our database? Or please suggest to us
>> whether we actually require "acid_ag, acid_ag_alert, acid_event,
>> acid_ip_cache" in our database?
>> It is the table where the screen shot is saying that the events are not
>> found the way...
>> Surely we will upgrade our Snort but just want to diagnose why this error
>> is coming on screen.
>>
>>
>> Sincerely,
>> Arun Saini
>> Mobile :+91-9890738762
>>
>> On 23 June 2016 at 07:33, Joel Esler (jesler) <jesler at ...589...> wrote:
>>
>>> It would help us tremendously if you could tell us what version of
>>> Barnyard2 you are using, what error you are receiving, and even, if you
>>> could update your version of Snort to something that is supported, that'd
>>> be great too.
>>>
>>> --
>>> *Joel Esler*
>>> Manager, Talos Group
>>> Sent from my iPad
>>>
>>> On Jun 22, 2016, at 9:24 PM, Arun Saini <mailarunsaini at ...11827...> wrote:
>>>
>>> Hi,
>>> Can anyone help me to know the table names under the MySQL DB for Snort from
>>> where BASE reads the data? Actually I have tables named acid_events and
>>> acid_cache where some of the records/data failed to insert, and on the BASE
>>> screen I get a notification, i.e. "alerts have NOT found their way into acid".
>>> Please see the attached screen; requesting you to please help us to resolve
>>> the issue.
>>>
>>> we are using snort version 2.9.5.5 GRE [build 205]
>>>
>>> libpcap version 1.3.0
>>>
>>> PCRE 8.30 2012-02-04
>>>
>>> Zlib 1.2.7
>>>
>>> I can provide the screen shot if required!!!
>>>
>>> Sincerely,
>>>
>>> Arun Saini
>>> Mobile :+91-9890738762
>>>
>>>
>>>
>>
>> <not found the way to acid events.png><alerts have NOT found their way
>> into acid.png>
>>
>>
>>